A new detailed research report released from IntSights, a threat intelligence firm, reveals the cyber threat impact of COVID-19 to global business. It seems that a list of Zoom user credentials was found on the dark web.
Yesterday Microsoft announced and delivered a fix for a serious vulnerability in Windows 10 cryptography function (CVE-2020-0601). The NSA had previously discovered and notified Microsoft to develop a solution. Microsoft also stated that they had seen no exploit of this vulnerability to date. The vulnerability would allow an attacker to disguise their malicious software as a valid and certified piece of code; thereby spoofing the Windows 10 PC or Windows Server 2019 into thinking it is legitimate code that can be trusted and therefore executed.
The time for planning has ended. Microsoft will no longer provide extended support for Windows 7. While Extended Security Updates (ESU) may be available for Professional and Enterprise editions of Windows 7 (for a maximum of three years from January 14, 2020), this option will come at an increasing cost to organizations.
Citrix recently published a critical security bulletin (CVE-2019-19781) advising users of a vulnerability in the Citrix Application Delivery Controller (ADC) device formerly known as NetScaler ADC, Citrix Gateway, and NetScaler Gateway. If exploited, it can allow an unauthenticated attacker to execute code on the appliance that can lead to possibly compromising a critical perimeter security component. Many organizations rely on these devices as load balancers to control access from the outside to internal Citrix Servers and to terminate SSL VPNs.
Microsoft recently announced a pair of Windows 10 Remote Code Execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182. These vulnerabilities allow cybercriminals to obtain remote control of a computer over a network connection. Microsoft discovered the vulnerabilities during routine testing of Windows 10, which allowed them to publish the required security updates and notify the public at the same time.
Trends in Information Technology are continuously changing and, as a result, organizations are having to adapt to those changes. Let's look at the most prominent IT trends that are showing up today.
UPDATED JULY 2020
Have you wanted to move your organization's infrastructure to the cloud, but have reservations? Security, compliance, cost... These are all areas you wouldn’t want to have surprises. To help you navigate this process, we put together some key points to consider before making the move to the cloud.
At Systems Engineering, employees are our number one resource. Our success depends on our dedicated and skilled staff who share our values and contribute to our vision. The Systems Engineering Spotlight gives a brief but revealing look at one of our valuable members.
In the coming year, how will your organization be less vulnerable to security threats, remain in compliance, and continue to receive the latest product support?
Quick answer: Upgrade.
Review the chart below and ensure that your Microsoft products are not about to expire. The chart quickly points out some significant end-of-life/support dates that are on the horizon for some of the more popular Microsoft products, including Windows 7, Exchange 2010, and Office 2010.
It seems these dates are far out, but in reality, upgrade discussions should begin now in order to prepare appropriately. By applying upgrades before products fall out of support, your business will be less vulnerable to security threats, remain in compliance, and continue to receive the latest product support.
First, I want to thank you, our customer, for your continued partnership with Systems Engineering. As the world of technology gains in business importance and the demand to operate securely and productively remains a competitive differentiation, we appreciate more now than ever the trust and confidence you put in our team.