News and Blog

Law firms face a familiar challenge with higher stakes: how to plan an IT budget that balances productivity, security, and cost control. The legal industry is evolving rapidly—hybrid work, cybersecurity threats, and AI-driven tools are no longer optional considerations; they’re business imperatives.

As law firms prepare their 2026 budgets, one thing is clear: technology is no longer just a support function … it’s a strategic driver of client service, security, and profitability. The question isn’t whether to invest in IT, but how to do it wisely.

On August 26, 2025, Citrix released a security bulletin (CTX694938) addressing three critical vulnerabilities impacting NetScaler ADC and NetScaler Gateway appliances.

Cornerstone.IT has successfully completed its transition to the ISO/IEC 27001:2022 standard following a formal audit. This milestone reflects our ongoing commitment to maintaining a secure, resilient, and compliant information environment for our clients.

With Broadcom significantly raising the cost of VMware, many organizations are evaluating their options for server infrastructure. If you’re considering a switch, migrating to Microsoft Azure is a better choice. Here’s why …

Arctic Wolf has recently identified a widespread phishing campaign exploiting Microsoft 365’s Direct Send feature, which allows emails to be sent internally without authentication.

This is referred to as “CitrixBleed 2” due to its similarity to the infamous CVE-2023-4966 vulnerability. Given its ease of exploitation and potential for significant impact, organizations are advised to patch their vulnerable assets without delay.

NetScaler ADC and NetScaler Gateway versions 12.1 and 13.0 are now End Of Life (EOL) and are vulnerable. Customers are recommended to upgrade their appliances to one of the supported versions that address the vulnerabilities.

Our partner, Arctic Wolf has recently observed customers receiving unsolicited Microsoft multi-factor authentication (MFA) text messages.

Stay informed about the latest cyber threats targeting the legal industry and protect your sensitive information. Read the full article for detailed insights and contact us for assistance in safeguarding your firm.

CVE-2025-2783 is a high-severity zero-day vulnerability in Google Chrome that allows attackers to bypass the browser’s sandbox protection through a logical error at the intersection of Chrome’s security framework and the Windows operating system. This vulnerability enables remote code execution and system compromise.

Our partner, Arctic Wolf, has reported an ongoing campaign targeting websites across various industries with a fake CAPTCHA attack, where victims are presented with a challenge that ultimately leads to the loading of information stealer malware. We strongly encourage you to review the provided details and take appropriate measures to mitigate the associated risks.

When it comes to managing your business’s IT needs, choosing the right Managed Service Provider (MSP) can make all the difference. While large, national MSPs might have greater resources and reach, that scale often comes at a cost, both in hard dollars and approach. Patrick Boyd outlines some of the advantages a smaller MSP can offer.

New York, NY, February 12, 2025 — Cornerstone Information Technologies, LLC is recognized in CRN’s Managed Service Provider (MSP) 500 list in the Pioneer 250 category for 2025.

WATERLOO, ONTARIO and EDEN PRAIRIE, MINNESOTA – December 16, 2024 – Arctic Wolf® and BlackBerry Limited (NYSE: BB; TSX:BB), two global leaders in security software and services, today announced they have entered into a definitive agreement for Arctic Wolf to acquire BlackBerry’s Cylance® endpoint security assets. Cylance is the pioneer of AI-based endpoint protection trusted by thousands of organizations around the world. With this acquisition, Arctic Wolf ushers in a new era of simplicity, flexibility, and outcomes to the endpoint security market, delivering the security operations results customers have been asking for.

Join Cornerstone.IT & Arctic Wolf, ILTA technology leaders, for an engaging and informative session as we discuss the cybersecurity landscape and how to ensure you are being proactive with your firm’s security posture in 2025. As cyberattacks continue to evolve, it’s critical to understand the strategies bad actors use and how to protect sensitive client data and your firm’s reputation.

During this year’s Cybersecurity Awareness Month, we will explore the current landscape of online security threats, examine how individuals can safeguard themselves from potential breaches, and discuss strategies for organizations to empower their employees in defending against cyber-attacks.

The digital world is constantly evolving and some parts of it are scary. What can a firm or company do to protect itself when it seems like the barbarians are constantly at the proverbial gate? There are actually several basic steps you can do to protect your data and the data of your clients, not to mention your well-earned reputation.

As a law firm CIO or COO, planning your 2025 information technology budget involves anticipating future needs, addressing current challenges, and leveraging technology to enhance attorney productivity and security. Firms will need to continue to invest in their cloud migration and hybrid-work plans, but here are some other critical areas to focus on.

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges with Citrix Workspace application on Windows.