Articles In Uncategorized

By Ken Phelan, Posted in Uncategorized

I was out at Black Hat last week and I thought I’d sum up some of the things I learned for those of you who couldn’t make it - Top 10 things I learned at Black Hat: Hackers don’t look like they do in the movies. Well, some do, but not the majority of them. Hacking is less emo than you think. It’s also more boring than it looks on the movies. It’s really a long process of finding vulnerabilities in an environment and matching them to exploits. It’s more like data analysis than playing some kind of vid... read more.

• August 19, 2015

By Timothy Karl, Posted in Uncategorized

Starting with Presentation Server 4.5, Citrix introduced a feature called Proximity Printing. This feature allows an administrator to control the assignment of network printers based on a user’s location using a combination of session printer policies and filters, e.g., mapping a network printer based on a client IP address, or a range of client IP addresses. With XenApp 6 and later versions, the client IP address filter changed, and the option to enter an IP address range was removed. The only option wi... read more.

• July 09, 2015

By Timothy Karl, Posted in Uncategorized

Maintaining a Citrix environment with the latest Microsoft and Citrix hotfixes is critical to the health of every environment. However, keeping up-to-date with all of the recommended hotfixes can be a time-consuming process for administrators. The good news is Citrix maintains several support articles that provide recommended hotfixes for various Citrix products. Updated articles are posted when new Citrix and Microsoft hotfixes become available. I highly recommend that every Citrix administrator reads t... read more.

• July 02, 2015

By Nancy Rand, Posted in Uncategorized

June 3, Help Net Security – (International) Weak SSH keys opened many GitHub repositories to compromise. A security researcher discovered that large numbers of GitHub repositories are vulnerable to compromise and the delivery of malicious code due to a flaw that generated weak cryptographic secure shell (SSH) keys until 2008. Source June 3, Help Net Security – (International) IoT devices entering enterprises, opening company networks to attacks. A recently released OpenDNS report on Internet of Things (I... read more.

• June 04, 2015

By Ed Bratter, Posted in Uncategorized

Background If your organization has deployed a Microsoft Certificate Authority (CA) for its PKI solution, your users probably started inquiring recently what the yellow triangle in the address bar of Google Chrome is all about (if they haven’t, either you are ahead of the curve or your users are… Well, I won’t go down that slippery slope). When clicking on the padlock, additional information shows that the website is encrypted with obsolete cryptography. Additionally, there is a reference that SHA1... read more.

• May 20, 2015

By Nancy Rand, Posted in Uncategorized

May 15, Softpedia – (International) Apache fixes vulnerability affecting security manager protections. The security team responsible for Apache Tomcat discovered a vulnerability in multiple versions of the software’s open-source web server and servlet container that could allow an attacker to bypass protections for the Security Manager component and run malicious web applications. Source May 14, CNN – (International) Washington Post mobile site temporarily shut down in apparent hack. The Washington Post... read more.

• May 19, 2015

By Nancy Rand, Posted in Uncategorized

May 14, Softpedia – (International) Cisco TelePresence vulnerable to unauthorized root access, denial of service. Cisco reported two vulnerabilities in versions of its TelePresence TC and TE video conference products in which an attacker could exploit improper authentication protocols for internal services to bypass authentication and obtain root access on the system, and a flaw in the network drivers in which an attacker could use specially crafted internet protocol (IP) packets sent at a high rate to caus... read more.

• May 18, 2015

By Nancy Rand, Posted in Uncategorized

May 5, Help Net Security – (International) New AlphaCrypt ransomware delivered via Angler EK. Security researchers at Webroot and Rackspace discovered and determined that a new form of ransomware resembling TeslaCrypt and CryptoWall, dubbed AlphaCrypt, is being delivered via the Angler exploit kit (EK). Researchers stated that it differs from other ransomware variants by deleting volume snapshot services (VSS) and executing quietly in background processes to avoid detection. Source May 5, Help Net Securi... read more.

• May 06, 2015

By Nancy Rand, Posted in Uncategorized

May 4, Securityweek – (International) PayPal fixes remote code execution flaw in Partner Program website. PayPal fixed a vulnerability discovered by Vulnerability Lab researchers in its Partner Program Web site which would allow an attacker to leverage a bug in the site’s Java Debug Wire Protocol (JDWP) service to remotely execute server-side commands with root privileges. Source May 1, Threatpost – (International) Mozilla moving toward full HTTPS enforcement in Firefox. The Mozilla Foundation reported t... read more.

• May 06, 2015

By Nancy Rand, Posted in Uncategorized

April 30, Help Net Security – (International) Barracuda fixes critical MITM flaws in its Web filter. Barracuda Networks issued a security update patching two critical flaws in the firmware of its Web Filter appliances in which an attacker could perform man-in-the-middle (MitM) attacks due to vulnerabilities in certificate verification when performing secure socket layer (SSL) inspection and the use of default certificates for multiple machines. Source April 29, Securityweek – (International) Bartalex mal... read more.

• May 01, 2015