Microsoft is stepping up its game to protect Hybrid Workers from cyber threats. The new Windows 11 security features aim to address the ever-growing security concerns of hybrid workers. — What do these new features help with? Read more.
Managing your IT has become complex – contact Cornerstone.IT and learn how our Managed Services can help support the health of your network. IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations April 13, 2022 Contact Cornerstone The following alerts were issued — (click or tap to expand) Spring4Shell Spring4Shell critical security alert – targeting Java Script FrameworkSome products being affected: CitrixCiscoVMware Citrix Security Advisory – Multiple CVE Citrix StoreFront [...]
Increase Cyber Vigilance as the Ukraine Conflict Escalates By Patrick Boyd, CSA With the current conflict and state actors targeting firms, enterprises, and governments, we need to be more aware and careful about our online interactions. Sophisticated attacks are well vetted and can be personal in nature; they have psychological and social aspects that make them appealing and/or disarming. Here at Cornerstone, we always want everyone to stay safe. Cyber-attacks are a constant threat and [...]
If not mitigated, potential remote exploits to an Apache component called Log4J can be executed by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.
Passwordless Authentication simply means MFA without a password: authenticating with other methods other than a password, such as biometrics, one-off email, or phone verification. MFA is often thought of as a second factor -in addition to a password- typically tied to a phone and approved with a phone call, push, or temporary numerical code. But MFA is more than that.
Alert: New Malware called “FoggyWeb” enables hackers to steal Admin Credentials Urgency/Severity: CRITICAL Issue / Vulnerability Digitaltrends.com summarizes the issue as follows: Microsoft has recently discovered another type of malware, named FoggyWeb by Microsoft, that hackers are currently using to remotely steal network admin credentials. The credentials allow the attacker group, which the company has called Nobelium, to hack into admin accounts of the Active Directory Federation Services’ (AD FS) servers and control users’ access [...]
Ask us how we can help secure your environment with the top 10-12 security enhancements every firm should have. #ITCornerView Product Security Alert: Windows Print Spooler Remote Code Execution Vulnerability Urgency/Severity: CRITICAL Issue / Vulnerability Microsoft is aware of and investigating a remote code execution vulnerability that affects Windows Print Spooler and has assigned CVE-2021-34527 to this vulnerability. This is an evolving situation and we will update the CVE as more information is available. A [...]
New York, NY, June 24, 2021 – Cornerstone.IT has taken security to the next level by adopting the National Institute of Standards and Technology (NIST) controls typically used for government agencies and Department of Defense contractors.
Ask us how we can help secure your environment with the top 10-12 security enhancements every firm should have. #ITCornerView Product Security Alert: Critical Citrix Vulnerability Allowing Malicious Attack Urgency/Severity: HIGH Issue / Vulnerability Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.These vulnerabilities, if exploited, could result in the following security [...]
Ask us how we can help secure your environment with the top 10-12 security enhancements every firm should have. #ITCornerView Product Security Alert: Secure Your Dell Laptops and Desktops Now Issue/Vulnerability:Critical Vulnerability on Dell Laptops and Desktops running on Windows may lead to escalation of privileges, denial of service, or information disclosure Urgency/Severity: HIGH Scope A driver (dbutil_2_3.sys) packaged with Dell Client firmware update utility packages and software tools contains an insufficient access control vulnerability [...]
