CyberSecurity - Cornerstone.IT

Veeam Backup & Replication Vulnerability (CVE-2023-27532)

A vulnerability been found in Veeam Backup & Replication that enables an unauthenticated user to request encrypted credentials, which can give them access to server hosts used for backup infrastructure.

Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)

Apply latest patch to mitigate zero-day vulnerability CVE-2022-27518 — A vulnerability has been discovered in Citrix Gateway and Citrix ADC, listed below, that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.

Microsoft Making Hybrid Work More Secure with New Windows 11 Security Features

Microsoft is stepping up its game to protect Hybrid Workers from cyber threats. The new Windows 11 security features aim to address the ever-growing security concerns of hybrid workers. — What do these new features help with? Read more.

IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)

Increase Cyber Vigilance as the Ukraine Conflict Escalates

iManage Security Vulnerability due to third-party Apache component Log4j

If not mitigated, potential remote exploits to an Apache component called Log4J can be executed by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.

Going Beyond Passwords

Passwordless Authentication simply means MFA without a password: authenticating with other methods other than a password, such as biometrics, one-off email, or phone verification. MFA is often thought of as a second factor -in addition to a password- typically tied to a phone and approved with a phone call, push, or temporary numerical code. But MFA is more than that.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Category: CyberSecurity

Veeam Backup & Replication Vulnerability (CVE-2023-27532)

Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)

Microsoft Making Hybrid Work More Secure with New Windows 11 Security Features

IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)

Increase Cyber Vigilance as the Ukraine Conflict Escalates

iManage Security Vulnerability due to third-party Apache component Log4j

Going Beyond Passwords

Security Alert: New Malware called “FoggyWeb” enables hackers to steal Admin Credentials

Product Security Alert: Windows Print Spooler Remote Code Execution Vulnerability

Cornerstone.IT Now NIST 800 171 Compliant

Services

Partners

Company

The Corner View

Cyber-skills: Building your own virtual superhero suit at home or at work (Part 1)

Cybersecurity Basics: How to Safeguard Your Firm in an Evolving Digital Landscape

Future-Proofing Your Law Firm: Key IT Investments for 2025

Citrix Workspace App local privilege escalation vulnerability on Windows (CVE-2024-7889 / CVE-2024-7890)

Jim Moreo Interview at ILTACON 2024 with Jennie Azoulai

Why Do a Tech Assessment?

Zero-click Vulnerability on Windows TCP/IP IPv6 (CVE-2024-38063)

More Posts →