IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)

IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)
Gallery
IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)

Citrix, CyberSecurity, iManage, Managed Services

IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)

Managing your IT has become complex – contact Cornerstone.IT and learn how our Managed Services can help support the health of your network. IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations April 13, 2022 Contact Cornerstone The following alerts were issued — (click or tap to expand) Spring4Shell Spring4Shell critical security alert – targeting Java Script FrameworkSome products being affected: CitrixCiscoVMware Citrix Security Advisory – Multiple CVE Citrix StoreFront [...]

IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)marc2022-04-13T08:16:59-04:00

Security Advisory: VMware ESXi, Workstation and Fusion –Multiple vulnerabilities
Gallery
Security Advisory: VMware ESXi, Workstation and Fusion –Multiple vulnerabilities

News

Security Advisory: VMware ESXi, Workstation and Fusion –Multiple vulnerabilities

Security Advisory: Multiple vulnerabilities in VMware ESXi, Workstation, and Fusion were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

Security Advisory: VMware ESXi, Workstation and Fusion –Multiple vulnerabilitiesmarc2022-12-13T16:29:59-05:00

Microsoft Exchange Y2K22 email delivery failure
Gallery
Microsoft Exchange Y2K22 email delivery failure

Microsoft

Microsoft Exchange Y2K22 email delivery failure

“The problem relates to a date check failure with the change of the new year and it not a failure of the AV engine itself," according to the Microsoft Exchange Team.

Microsoft Exchange Y2K22 email delivery failuremarc2022-12-13T16:31:27-05:00

iManage Security Vulnerability due to third-party Apache component Log4j
Gallery
iManage Security Vulnerability due to third-party Apache component Log4j

Announcements - External, CyberSecurity, iManage

iManage Security Vulnerability due to third-party Apache component Log4j

If not mitigated, potential remote exploits to an Apache component called Log4J can be executed by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.

iManage Security Vulnerability due to third-party Apache component Log4jmarc2022-12-13T14:54:40-05:00

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)
Gallery
Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)

Announcements - External, iManage

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)

The iManage Security team identified a vulnerability affecting on-premises versions of iManage products. It is an exploit targeting the Apache HTTP Server which if not mitigated, can be exploited under certain conditions.

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)marc2022-12-13T14:57:01-05:00

Alert: VMware vCenter Server Privilege Escalation Vulnerability
Gallery
Alert: VMware vCenter Server Privilege Escalation Vulnerability

News

Alert: VMware vCenter Server Privilege Escalation Vulnerability

VMware has investigated and confirmed possible exploits that can be performed by a malicious attacker using “privileged account escalation” method. Learn how to mitigate with the provided remediation tasks.

Alert: VMware vCenter Server Privilege Escalation Vulnerabilitymarc2022-12-13T15:37:35-05:00

Microsoft Exchange Server Vulnerabilities On-Premises & Hybrid
Gallery
Microsoft Exchange Server Vulnerabilities On-Premises & Hybrid

Microsoft, News

Microsoft Exchange Server Vulnerabilities On-Premises & Hybrid

Microsoft released patches and fixes during this week’s November Patch Tuesday. The report identified 55 vulnerabilities on Microsoft Windows, including on-premises (locally installed) products such as Microsoft Office (Microsoft Excel), Microsoft Edge browser and - most importantly - Microsoft Exchange.

Microsoft Exchange Server Vulnerabilities On-Premises & Hybridmarc2022-12-13T16:31:49-05:00

Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP Edition – Unauthenticated Denial of Service
Gallery
Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP Edition – Unauthenticated Denial of Service

Citrix, News

Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP Edition – Unauthenticated Denial of Service

Ask us how we can help secure your environment with the top 10-12 security enhancements every firm should have. #ManagedServices Alert: Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP Edition - Unauthenticated Denial of Service November 9, 2021 Severity: Critical Contact Us Issue / Vulnerability Unauthenticated denial of service and temporary disruption of services. Citrix has published a discovered vulnerability on Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP Edition devices that could result in possible [...]

Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP Edition – Unauthenticated Denial of ServiceAdriana Vitale2022-12-13T16:32:14-05:00

Nobelium – Targeting CSPs, MSPs, & Other IT Service Providers
Gallery
Nobelium – Targeting CSPs, MSPs, & Other IT Service Providers

News

Nobelium – Targeting CSPs, MSPs, & Other IT Service Providers

You may recall Nobelium from the infamous software supply chain attack on SolarWinds in 2020 that enabled bad actors access to various US government computers. Nobelium has been busy replicating its success on new prey: CSPs (Cloud Service Providers), MSPs (Managed Services Providers), and other IT service providers.

Nobelium – Targeting CSPs, MSPs, & Other IT Service Providersmarc2021-11-19T08:37:39-05:00

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

IT Security Alerts to Keep an Eye On: Spring4Shell, Citrix CVEs, iManage Certificate Expirations (April 2022)

Security Advisory: VMware ESXi, Workstation and Fusion –Multiple vulnerabilities

Microsoft Exchange Y2K22 email delivery failure

iManage Security Vulnerability due to third-party Apache component Log4j

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)

Alert: VMware vCenter Server Privilege Escalation Vulnerability

Microsoft Exchange Server Vulnerabilities On-Premises & Hybrid

Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP Edition – Unauthenticated Denial of Service

Nobelium – Targeting CSPs, MSPs, & Other IT Service Providers

Services

Partners

Company

The Corner View

ILTACON 2023

Windows Server 2012 and 2012 R2 reaching end of support

Cornerstone.IT Awarded Citrix Platinum Partner Designation, Offering Clients Unmatched IT Solutions and Services

Reminder: Windows 10, version 20H2 end of servicing is May 9, 2023

Bain Capital Tech Opportunities Invests in iManage

Unpatched or Unsupported Microsoft Exchange Servers Can Expect an SMTP 450 Error

Citrix NetScaler 12.1 Goes End-of-Life (EOL)

More Posts →