888.624.6737

syse-blog-header

Security Alert: Multiple Fortinet Operating System Vulnerabilities

April 06, 2021

Systems Engineering is aware of the FBI and CISA joint security advisory indicating threat actors are potentially using multiple Common Vulnerabilities and Exposures (CVE) to exploit Fortinet operating systems, known as FortiOS. The advisory calls out three vulnerabilities that may be used to gain access to business networks to begin data exfiltration or data encryption attacks. Vulnerabilities include;

Read More »

Security Bulletins & Alerts

Security Alert: Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

March 31, 2021

Systems Engineering is aware of multiple vulnerabilities within Cisco Jabber Client software. These vulnerabilities affect Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for Mobile platforms. Vulnerabilities include:

Read More »

Security Bulletins & Alerts

Security Bulletin: Qualys Update on Third-Party Security Incident

March 08, 2021

Qualys Cloud Platform is the incident response and breach prevention vendor used at Systems Engineering to perform monthly external vulnerability scan for our customers. Recently, Qualys released a statement relating to a previously identified zero-day exploit in one of their third-party solutions (Accellion FTA).

Read More »

Security Bulletins & Alerts

Security Alert: Microsoft On-Premises Exchange Server Vulnerabilities

March 03, 2021

UPDATE MARCH 8, 2021

Systems Engineering learned of the Exchange on-premises server vulnerability on Tuesday, March 2nd, and activated our incident response plan.  

Read More »

Security Bulletins & Alerts

Security Alert: Apple iOS 14.4 Urgent Update

January 27, 2021

On Tuesday, January 26, 2021 Apple support released a new update for iPhone and iPad with security fixes for three vulnerabilities that may have been actively exploited. The latest version of  iOS & iPadOS 14.4 fixes the security bugs that may be under active attack by hackers.

Read More »

Security Bulletins & Alerts

Security Bulletin: SolarWinds Compromise Advisory Statement

December 16, 2020

UPDATE FOR THURSDAY, JANUARY 21

As you may have seen in the headlines, Malwarebytes recently announced it was targeted by the same threat actor who attacked SolarWinds. After an extensive investigation, Malwarebytes reported their Microsoft Office 365 and Azure environments were targeted, but they found “no evidence of unauthorized access or compromise in any internal on-premises and production environments.”

Read More »

Security Bulletins & Alerts

Security Alert: Windows Netlogon Elevation of Privilege Vulnerability

September 22, 2020

On Friday, September 18, 2020, Homeland Security Cybersecurity & Infrastructure Security Department issued an Emergency Directive regarding the Windows Server Netlogon Elevation of Privilege Vulnerability This Windows server operating system vulnerability could allow a cyber attacker to gain access to your Domain Controller (authentication server). From there, the attacker can give themselves administrative privileges for your network, start to run malicious software, and exfiltrate sensitive data.

Read More »

Security Bulletins & Alerts

End-of-Life for Microsoft Office 2010

September 21, 2020

Office 2010 will reach end-of-support on October 13, 2020. After this date, Microsoft will no longer provide technical support, bug fixes, or security updates for Office 2010. You will be able to continue using this version of Office, but by upgrading before any product falls out of support your business minimizes risks, including reducing exposure to security threats, remaining in compliance, and continuing to receive the latest product updates and support.

Read More »

Security Bulletins & Alerts, IT Solutions & Support

Security Alert: FBI Reports Increase in Windows 7 Cyberattacks

August 13, 2020

The FBI recently released a private industry notification (PIN) warning businesses about the increase in end-of-life attacks. "The FBI has observed cybercriminals targeting computer network infrastructures after an operating system achieves end-of-life status," the bureau said.

Read More »

Security Bulletins & Alerts

Security Alert: Cisco ASA, FMC, and FTD Software Security Advisory

May 13, 2020

Cisco released a collection of 12 Security Advisories for Cisco Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software. The collection includes High Risk Vulnerabilities that could give an attacker unauthenticated access to the affected device’s file system. This vulnerability can also cause a Denial of Service (DoS). This means a firewall would be incapable of passing through internet traffic and require a system reboot.

Read More »

Security Bulletins & Alerts