Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)

Apply latest patch to mitigate zero-day vulnerability CVE-2022-27518 — A vulnerability has been discovered in Citrix Gateway and Citrix ADC, listed below, that, if exploited, could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance.

Citrix Gateway & Citrix ADC remote code exploit (CVE-2022-27518)2022-12-16T15:07:16-05:00

Critical Citrix Gateway and Citrix ADC Vulnerabilities

November 2022 continues strong with more cybersecurity vulnerabilities. If you are running Citrix Gateway and Citrix ADC, stop what you are doing and read this post. Please reach out to www.Cornerstone.IT with any questions. We are a Citrix Gold partner with decades of Citrix experience.

Critical Citrix Gateway and Citrix ADC Vulnerabilities2022-11-09T10:28:15-05:00

Early November Security Alerts You Must be Aware of — Dropbox and Fortinet

Security Announcement: November 3, 2022 Contact Cornerstone Early November Security Alerts You Must Be Aware of - Dropbox and Fortinet Updated on November 8th, 2022 Security Issues November 2022 kicks off with a cluster of cybersecurity alerts. Two of the most prominent ones we have identified this week include Dropbox and Fortinet Dropbox Issue A successful phishing campaign accessed Dropbox code stored in GitHub. The issue has been resolved and no content, passwords, or payment [...]

Early November Security Alerts You Must be Aware of — Dropbox and Fortinet2022-11-09T10:16:44-05:00

iManage Security Vulnerability due to third-party Apache component Log4j

If not mitigated, potential remote exploits to an Apache component called Log4J can be executed by a malicious attacker. This vulnerability is known worldwide as CVE-2021-44228. Check this iManage Security Advisory.

iManage Security Vulnerability due to third-party Apache component Log4j2022-12-13T14:54:40-05:00

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)

The iManage Security team identified a vulnerability affecting on-premises versions of iManage products. It is an exploit targeting the Apache HTTP Server which if not mitigated, can be exploited under certain conditions.

Alert: Third-party Security Vulnerability Affects On-Premises versions of iManage Systems (Apache)2022-12-13T14:57:01-05:00

Microsoft Exchange Server Vulnerabilities On-Premises & Hybrid

Microsoft released patches and fixes during this week’s November Patch Tuesday. The report identified 55 vulnerabilities on Microsoft Windows, including on-premises (locally installed) products such as Microsoft Office (Microsoft Excel), Microsoft Edge browser and - most importantly - Microsoft Exchange.

Microsoft Exchange Server Vulnerabilities On-Premises & Hybrid2022-12-13T16:31:49-05:00

Alert: Multiple Vulnerabilities in VMware vCenter Server

Alert: Multiple Vulnerabilities in VMware vCenter Server September 21, 2021 What is being impacted? Multiple vulnerabilities in VMware vCenter Server have been reported to VMware, affecting vCenter Server and Cloud Foundation. What’s the issue? There is an arbitrary file upload vulnerability in the Analytics service. What happens if I do not address this? Specially crafted files can be uploaded by malicious actors with network access to port 443 to execute code. What should I do? [...]

Alert: Multiple Vulnerabilities in VMware vCenter Server2022-12-13T15:43:47-05:00

Product Security Alert: Critical Citrix Vulnerability Allowing Malicious Attack

Ask us how we can help secure your environment with the top 10-12 security enhancements every firm should have.  #ITCornerView Product Security Alert: Critical Citrix Vulnerability Allowing Malicious Attack June 15, 2021 Urgency/Severity: HIGH Issue / Vulnerability Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.These vulnerabilities, if exploited, could result in [...]

Product Security Alert: Critical Citrix Vulnerability Allowing Malicious Attack2022-12-13T15:56:04-05:00