Blog

By Nancy Rand, Posted in Security

May 26, SecurityWeek – (International) “Wekby” group uses DNS requests for C&C communications. Security researchers from Palo Alto Networks discovered that an advanced persistent threat (APT) group named Wekby, APT 18, Dynamite Panda, and TG-0416, was using the “pisloader” malware to infiltrate a system via Domain Name System (DNS) requests for command & control (C&C) communications, which allows the malware to bypass security products. The “pisloader” malware was believed to be a variant of the... read more.

  • May 27, 2016

By Nancy Rand, Posted in Security

May 25, Softpedia – (International) Fiverr removes DDoS-for-Hire services from its marketplace. Fiverr banned and removed a series of ads reportedly providing distributed denial-of-service (DDoS)-related offerings on its marketplace Web site after security researchers from Incapsula found several DDoS services. Source May 25, Softpedia – (International) Hackers take over thousands of Twitter accounts and tweet out adult content. Symantec discovered that over 2,500 Twitter accounts were compromised after... read more.

  • May 26, 2016

By Nancy Rand, Posted in Security

May 23, SecurityWeek – (International) Exploit for recently patched flash flaw added to Magnitude EK. A French security researcher discovered that attackers were integrating the Magnitude exploit flaw against previously patched Flash Player 21.0.0.213 installations to potentially deliver various pieces of malware, including Locky and Cerber ransomware. The exploit was not fully implemented in Magnitude and researchers advised users to be cautious of the exploit. Source May 21, Softpedia – (International)... read more.

  • May 25, 2016

By Stephen Kilcoyne, Posted in Virtualization

CITRIX SYNERGY 2016, Las Vegas, May 24, 2016 — M7 Global Partners, a consortium of leading U.S. IT consulting firms widely recognized for their commitment to serving as trusted advisors in the deployment of Citrix solutions, will showcase their technical expertise and demonstrate how organizations can leverage advanced IT infrastructure, virtualization and cloud solutions to solve their most pressing business challenges, this week at Citrix Synergy 2016 in Las Vegas. Representing M7 Global Partners o... read more.

  • May 25, 2016

By Nancy Rand, Posted in Uncategorized

May 20, The Register – (International) 60 percent of Androids exposed by new attack on mediaserver. A security researcher from Duo reported that about 60 percent of enterprise Android phones running Lollipop version 5 operating system (OS), KitKat version 4.4, and Marshmallow version 6 OS were susceptible to a Qualcomm Secure Execution Environment (QSEE) vulnerability after researchers discovered the flaw in the mediaserver component that could allow an attacker to gain complete control over the device by t... read more.

  • May 23, 2016

By Ryan Lee, Posted in Infrastructure

Leveraging Citrix StoreFront High Availability and Subscription Synchronization As consultants, engineers, and architects we are regularly challenged with complex scenarios each with their own very specific requirements. These scenarios can really put our skill set to the test and require us to sometimes think outside of the box to achieve our customer’s or companies’ end goal. I have been working with Citrix for nearly 12 years in some form or capacity, with the last 5 years geared primarily towards desig... read more.

  • May 23, 2016

By Nancy Rand, Posted in Security

May 19, Softpedia – (International) A quarter of all hacked WordPress sites can be attributed to three plugins. Sucuri conducted an investigation on over 11,485 compromised Web sites and released its “Website Hacked Report” which revealed that during the first 3 months of 2016, 78 percent of hacked Web sites were using the WordPress Content Management System (CMS) platform and found that attackers were primarily using outdated plugins to hack WordPress sites. Outdated plugins included RevSlider, GravityForm... read more.

  • May 20, 2016

By Nancy Rand, Posted in Security

May 18, SC Magazine – (International) Cisco patch blocks DoS vulnerability. Cisco released patches for its Adaptive Security Appliance (ASA) software after security researchers found attackers could alter a memory block, allowing the system to cease transferring traffic and cause a denial-of-service (DoS) situation. The flaw was reportedly linked to an issue in the installation of Internet Control Message Protocol (ICMP) error handling for Internet Protocol Security (IPSec) packets. Source May 18, Securi... read more.

  • May 19, 2016

By Nancy Rand, Posted in Security

May 17, SecurityWeek– (International) Critical vulnerability in Symantec AV Engine exploited by just sending an email. Symantec updated its Antivirus Engine (AVE) addressing a critical memory corruption flaw after a security researcher from Google Project Zero discovered the flaw affected most Symantec and Norton-branded antivirus products and reported the issue related to how the antivirus products handle executables compressed in the ASPack file compressor. The vulnerability can be remotely exploited for... read more.

  • May 18, 2016

By Nancy Rand, Posted in Security

May 16, SecurityWeek – (International) Data leaked from hacker forum Nulled.io. Risk Based Security reported that the popular forum, Nulled.io was compromised after hackers leaked a 1.3Gb archive containing more than 536,000 user account information including usernames, email addresses, hashed passwords, application program interface (API) credentials for payment gateways, authentication logs, and Internet Protocol (IP) addresses, among other data. Researchers are unsure how the Nulled.io database was compr... read more.

  • May 17, 2016