syse-blog-header

BLOG

Security Bulletin: Windows 10 Crypto Vulnerability

January 15, 2020

Yesterday Microsoft announced and delivered a fix for a serious vulnerability in Windows 10 cryptography function (CVE-2020-0601). The NSA had previously discovered and notified Microsoft to develop a solution. Microsoft also stated that they had seen no exploit of this vulnerability to date. The vulnerability would allow an attacker to disguise their malicious software as a valid and certified piece of code; thereby spoofing the Windows 10 PC or Windows Server 2019 into thinking it is legitimate code that can be trusted and therefore executed.

Read More »

Systems Engineering Alert, IT Security

Security Bulletin: Citrix Application Delivery Controller and Citrix Gateway Vulnerability

January 03, 2020

Citrix recently published a critical security bulletin (CVE-2019-19781) advising users of a vulnerability in the Citrix Application Delivery Controller (ADC) device formerly known as NetScaler ADC, Citrix Gateway, and NetScaler Gateway. If exploited, it can allow an unauthenticated attacker to execute code on the appliance that can lead to possibly compromising a critical perimeter security component. Many organizations rely on these devices as load balancers to control access from the outside to internal Citrix Servers and to terminate SSL VPNs.

Read More »

Systems Engineering Alert, IT Security

Security Alert: Cisco ASA and FTD Security Advisory Bundled Publication

October 29, 2019

Cisco recently released a collection of 10 security advisories against Cisco's Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software. The collection includes a few high-risk vulnerabilities that affect File Transfer Protocol (FTP) Inspection, Session Initiated Protocol (SIP) inspection that could lead to a denial-of-service condition. Importantly, Cisco is not aware of any public exploitation of the vulnerabilities. 

Read More »

Systems Engineering Alert, IT Security

Security Alert: Fortinet Firewall SSL VPN Vulnerability

September 04, 2019

Systems Engineering is aware of the vulnerability affecting customers with Fortinet Firewalls who are using an SSL VPN (Secure Sockets Layers Virtual Private Network) to connect to their offices remotely. This vulnerability utilizes an improper limitation of a pathname to a restricted directory ("path traversal") in multiple Fortinet OS versions under the SSL VPN web portal.

Read More »

Systems Engineering Alert, IT Security

Microsoft Office 365 Email Delivery Degradation

June 30, 2016

Today at approximately 11:30am EST, users of Microsoft Office 365 began to experience delays and/or the nondelivery of external emails. 

Read More »

Systems Engineering Alert

Ransomware Continues to Proliferate

May 26, 2016

https://www.syseng.com/it-consulting-services/se-policyadvisor/Here at Systems Engineering (SE), we continue to see businesses impacted by ransomware; this creates a disruption to business and in some cases, a data breach. 

Read More »

Systems Engineering Alert, Cybercrime, IT Security

Business Email Compromise Scam

October 30, 2015

Last week, a client of ours received the phishing email below requesting wire transfer account information.  Fortunately for them, they did not fall for it.  In the actual email, real names and real emails were used and the recipient, "Jane", was likely to have the information the scammer sought. 

Read More »

Systems Engineering Alert, Cybercrime

File Sharing Applications

October 26, 2015

File sharing applications such as DropBox, ShareFile, Google Docs, and OneDrive are being utilized more frequently. Although these applications provide convenience, especially when sharing large files, they can create additional risks for your network.

Read More »

Systems Engineering Alert, Cybercrime, IT Security