Blog

By Nancy Rand, Posted in Security

October 13, SecurityWeek – (International) Critical vulnerability patched in Cisco conferencing product. Cisco reported that its Cisco Meeting Server (CMS) prior to version 2.0.6 and Acano Server prior to versions 1.8.18 and 1.9.6 were plagued with a critical vulnerability affecting the Extensible Messaging and Presence Protocol (XMPP) service that could allow an unauthenticated attacker to access the system as another user if the XMPP is enabled on the affected devices, as the XMPP service incorrectl... read more.

• October 17, 2016

By Nancy Rand, Posted in Security

October 13, SecurityWeek – (International) Attackers actively exploit recently patched BIND flaw. The Internet Systems Consortium (ISC) reported that it learned a high severity denial-of-service (DoS) vulnerability patched in the Domain Name Server (DNS) software BIND was exploited in the wild to crash servers after Infobyte security researchers published a proof-of-concept (PoC) code and Metasploit module demonstrating the attack. Source October12, SecurityWeek – (International) Cerber 4.0 fue... read more.

• October 14, 2016

By Celeste Collins, Posted in Technology Week in Review

October 10, 2016 Microsoft officials shared more guidance for admins who will be dealing with the new patching model, which was discussed in an October 7 blog post for IT pros. A rollup is simply multiple patches rolled together into a single update. These rollups will replace individual patches for Windows 7, 8.1, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. Forcepoint has established deep roots in Canada with the opening of a state-of-the-art data center in Toronto, the count... read more.

• October 14, 2016

By Nancy Rand, Posted in Security

October 12, Softpedia – (International) Microsoft patches four zero-days used in live attacks. Microsoft released a security bulletin addressing 4 zero-day vulnerabilities in several of its products, including an information disclosure bug in Internet Explorer, remote code execution (RCE) flaws in Edge’s scripting engine and Windows graphics device interface (GDI), and a memory corruption vulnerability in Office, among other vulnerabilities. Microsoft reported all four zero-days have been exploi... read more.

• October 13, 2016

By Celeste Collins, Posted in Technology Week in Review

October 3, 2016 eG Innovations announces end-to-end monitoring and user experience management for applications delivered by Windows Server 2016. Scheduled for release in October 2016, eG Enterprise 6.2 will include support for Windows Server 2016, Microsoft Exchange 2016, Microsoft SQL Server 2016, and Microsoft Hyper-V 2016, plus all other components of Microsoft’s 2016 datacenter offerings. Proofpoint, Inc., a leading next-generation cybersecurity company, announced it has been named a leader in d... read more.

• October 12, 2016

By Nancy Rand, Posted in Security

October 11, SecurityWeek – (International) Malware abuses Windows Troubleshooting Platform for distribution. Proofpoint security researchers discovered a malicious backdoor, dubbed “LatentBot” was abusing the Microsoft Windows Troubleshooting Platform (WTP) feature to trick users into executing the malicious payload, which was being distributed via email attachments with a lure document that once opened, launches a digitally signed DIAGCAB file containing PowerShell commands that download... read more.

• October 12, 2016

By Stephen Kilcoyne, Posted in Infrastructure

Gotham Technology Group Elevated to Top Level of the New IGEL Partner Program MONTVALE, NJ and SAN FRANCISCO, Oct. 11, 2016 – Gotham Technology Group, a leading technology solutions provider in the Northeastern United States, and IGEL Technology, a world leader in the delivery of powerful workspace management software, IGEL OS™-powered thin clients, zero clients and all-in-one thin client solutions, today announced that Gotham Technology Group has been named a Platinum member of the new IGEL P... read more.

• October 12, 2016

By Nancy Rand, Posted in Security

October 7, SecurityWeek – (International) VMware patches directory traversal flaw in Horizon View. VMware released versions 7.0.1, 6.2.3, and 5.3.7 of its Horizon View products for Microsoft Windows after a security researcher, dubbed “Bruk0ut” discovered the products were plagued with a flaw that could allow a remote attacker to carry out a directory traversal attack on the Horizon View Connection Server to access sensitive information. Source October 7, SecurityWeek – (Internation... read more.

• October 11, 2016

By Brian Wagner, Posted in Infrastructure, Virtualization

Traditionally, to take advantage of SmartAccess or VPN, along with the new RDP Proxy functionality, Citrix Access Gateway Universal licenses were required. Standard and Enterprise appliances included 5 CAG Universal licenses for testing. Otherwise, ICA Only licensing was included to allow remote access to Citrix but no SmartAccess functionality. The platinum appliances included 100 licenses. If you are a Citrix XA or XD Platinum customer, the CAG Universal licenses were included for as many XA/XD licenses t... read more.

• October 11, 2016

By Nancy Rand, Posted in Security

October 6, SecurityWeek – (International) Mac malware can abuse legitimate apps to spy on users. A security researcher from Synack discovered that Apple Mac operating system (OS) X malware can monitor an infected system for legitimate user-initiated video sessions on applications such as FaceTime, Skype, and Google Hangouts, and piggyback on those legitimate sessions to record video and spy on users without their knowledge or authorization. Source October 5, Softpedia – (International) New back... read more.

• October 07, 2016