Monthly Archives

June 2016


Avoid The Cyber Heat With ‘Massive’ Microsoft Update

By Patch Management

Long summer days come just in time for this month’s Patch Tuesday, which features an enormous number of Microsoft updates.

This month your IT security officers will need to double their efforts to deal with the second massive release of Microsoft updates. Earlier this month, Microsoft released 34 KB updates covering Office 2007 to 2016. Today, they have released an additional 16 bulletins, of which five are rated Critical and 11 are rated Important. If you are responsible for managing your server estate, you will have your hands full with 12 updates which are needed on the Windows Server OS, and many of them require reboots.


Are Hackers Going Old-School?

Is there a global resurgence in the spread of viruses and malware using macros? Our evidence shows that over the past 10 years the global threat of cyber attacks has increased in sophistication, and the damage caused has expanded massively, to the point of data hijacking. We recommend our clients keep in mind that viruses can be delivered in the simplest of payloads: an email with a spreadsheet, a presentation or a Word document.

Before 1997, the biggest threat to businesses was the corruption or virus infection of spreadsheets which were used by some of the most important departments in any business. We recommend you make sure your Office updates are applied and your antivirus software is up to date. If you are too focused on the next viable threat, you may forget to look at the basics.


A study conducted by BusinessWire found that 66 percent of U.S. consumers are likely to stop doing business with organizations that have been hacked. The results are alarming when compared to the record number of complaints the FBI’s Internet Crime Center received from users infected with ransomware in 2015. Could your business be next?

“Recently many companies have been affected by the so-called ’Crypto Locker virus’ or variations thereof; so keeping your antivirus up to date is crucial in your defense against such attacks,” says James Rowney, service manager for Verismic. “However, what is often overlooked are operating systems and application security updates. There is no better defense from an attacker than a fully patched OS, yet many still believe that antivirus software being on the front line is where it ends; many are mistaken.”


Microsoft Updates

MS16-039, which resolves several vulnerabilities within Windows, Lync and .NET Framework, has been re-released this month. The patch corrects the way these products handle embedded fonts. Pay extra attention to this update, because it has been observed to upgrade Lync to Skype for Business. If you are still using Lync, do additional testing to reduce the chance of end-user disruption.

To help your IT security officers, we have chosen a few updates from this Patch Tuesday you should prioritize. This recommendation has been made using evidence from industry experts (including our own), anticipated business impact and the independent CVSS score for the vulnerability.

  1. MS16-063
  2. MS16-070
  3. MS16-071

MS16-063 resolves several vulnerabilities in Internet Explorer 9 to 11. It fixes how IE validates JavaScript, closes several memory-handling issues and corrects how Windows handles proxy discovery. Due to the high number of customers still using IE, we recommend this be a priority this month.

MS16-070 resolves vulnerabilities in Office 2007 to 2016. It fixes several memory-handling issues and corrects Windows’ validation of some libraries. With the rise in exploits delivered through Word, Excel and PowerPoint documents, we recommend this also be a priority this month.

MS16-071 resolves a serious vulnerability in DNS on Windows Server 2012 and Windows Server 2012 R2, in both UI and Core editions. An unauthenticated attacker could send malicious requests to a DNS server which could allow them to run arbitrary code in the context of the Local System Account. Our research shows that DNS is most widely deployed on this version of Windows; therefore, we recommend you prioritize this update this month.

The independent CVSS scores used in the list below range from 0 to 10. Vulnerabilities with a base score in the range 7.0-10.0 are rated High, those in the range 4.0-6.9 Medium, and those in the range 0-3.9 Low.

MS16-063 Cumulative Security Update for Internet Explorer (3163649)
(Impact: Remote Code Execution; Restart Requirement: Requires restart; Severity: Critical; CVSS Score: 9.3)

This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS16-068 Cumulative Security Update for Microsoft Edge (3163656)
(Impact: Remote Code Execution; Restart Requirement: Requires restart; Severity: Critical; CVSS Score: 9.3)

This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted web page using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.

MS16-069 Cumulative Security Update for JScript and VBScript (3163640)
(Impact: Remote Code Execution; Restart Requirement: Maybe; Severity: Critical; CVSS Score: 9.3)

This security update resolves vulnerabilities in the JScript and VBScript scripting engines in Microsoft Windows. The vulnerabilities could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

MS16-070 Security Update for Microsoft Office (3163610)
(Impact: Remote Code Execution; Restart Requirement: Maybe; Severity: Critical; CVSS Score: 9.3)

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

MS16-071 Security Update for Microsoft Windows DNS Server (3164065)
(Impact: Remote Code Execution; Restart Requirement: Requires restart; Severity: Critical; CVSS Score: 9.3)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted requests to a DNS server.

MS16-072 Security Update for Group Policy (3163622)
(Impact: Elevation of Privilege; Restart Requirement: Requires restart; Severity: Important; CVSS Score: 4.3)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker launches a man-in-the-middle (MitM) attack against the traffic passing between a domain controller and the target machine.

MS16-073 Security Update for Windows Kernel-Mode Drivers (3164028)
(Impact: Elevation of Privilege; Restart Requirement: Requires restart; Severity: Important; CVSS Score: 7.2)

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.

MS16-074 Security Update for Microsoft Graphics Component (3164036)
(Impact: Elevation of Privilege; Restart Requirement: Requires restart; Severity: Important; CVSS Score: 7.2)

This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if a user opens a specially crafted document or visits a specially crafted website.

MS16-075 Security Update for Windows SMB Server (3164038)
(Impact: Elevation of Privilege; Restart Requirement: Requires restart; Severity: Important; CVSS Score: 7.2)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application.

MS16-076 Security Update for Netlogon (3167691)
(Impact: Remote Code Execution; Restart Requirement: Requires restart; Severity: Important; CVSS Score: 8.5)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to a domain controller (DC) on a target network runs a specially crafted application to establish a secure channel to the DC as a replica domain controller.

MS16-077 Security Update for WPAD (3165191)
(Impact: Elevation of Privilege; Restart Requirement: Requires restart; Severity: Important; CVSS Score: 4.3)

This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if the Web Proxy Auto Discovery (WPAD) protocol falls back to a vulnerable proxy discovery process on a target system.

MS16-078 Security Update for Windows Diagnostic Hub (3165479)
(Impact: Elevation of Privilege; Restart Requirement: Requires restart; Severity: Important; CVSS Score: 7.2)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application.

MS16-079 Security Update for Microsoft Exchange Server (3160339)
(Impact: Information Disclosure; Restart Requirement: Maybe; Severity: Important; CVSS Score: 4.3)

This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow information disclosure if an attacker sends a specially crafted image URL in an Outlook Web Access (OWA) message that is loaded, without warning or filtering, from the attacker-controlled URL.

MS16-080 Security Update for Microsoft Windows PDF (3164302)
(Impact: Remote Code Execution; Restart Requirement: Maybe; Severity: Important; CVSS Score: N/A)

This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerabilities could cause arbitrary code to execute in the context of the current user. However, an attacker would have no way to force a user to open a specially crafted PDF file.

MS16-081 Security Update for Active Directory (3160352)
(Impact: Denial of Service; Restart Requirement: Requires restart; Severity: Important; CVSS Score: 4.0)

This security update resolves a vulnerability in Active Directory. The vulnerability could allow denial of service if an authenticated attacker creates multiple machine accounts. To exploit the vulnerability, an attacker must have an account that has privileges to join machines to the domain.

MS16-082 Security Update for Microsoft Windows Search Component (3165270)
(Impact: Denial of Service; Restart Requirement: Requires restart; Severity: Important; CVSS Score: N/A)

This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker logs on to a target system and runs a specially crafted application.


This article was originally posted on Channel Partners.


How to beat the ‘working-at-home-feeling-left-out’ blues

By News

These days, it seems like there are two kinds of employees – those who work from home at least part of the time and those who want to.

According to consultancy Global Workplace Analytics, 3.7 million employees (2.8% of the U.S. workforce) currently work from home at least half the time, but a whopping 80% to 90% say they would like to.

When you throw freelancers and other virtual workers into the mix, the percentage shoots up to 46%, according to the Society for Human Resources Management. And in a survey at the Global Leadership Summit in London, over a third (34%) of business leaders said more than half their company’s full-time workforce will be working remotely by 2020.


On the flip side, in a study by Ernst & Young, a lack of workplace flexibility was cited as a top factor for quitting a job among 66% of Millennial-age respondents. In fact, Millennials cited work flexibility as a top job attribute, just after competitive pay and benefits.

Thankfully, telecommuting has gotten easier over the years, with new technologies continuously emerging to keep employees connected with each other, clients and the home office. Beyond the normal network connectivity and access to business systems used in remote work locations, here are a few additional tips for staying tuned in from home.


1. Speak up during conference calls

Working remotely makes it all the more important to be vocal during group meetings, says Ken Piddington, CIO at MRE Consulting. “For the typical conference call meetings, make sure all in attendance know you are on the call and participating in a meaningful way,” he says. “Don’t just sit there and listen. You must be an active contributor.”

If you want to be visible as well, consider using a video conferencing service like Adobe Connect, which allows an unlimited number of participants to be on a call simultaneously, says Ashley Leonard, CEO and president of Verismic Software. “Many video conferencing services also offer the ability to screen-share documents, images and even your desktop,” he says.

2. Check in regularly with co-workers

In addition to formal meetings, Piddington also suggests building less formal approaches into your schedule to establish ongoing communications. “Set time in the morning and the end of day for informal check-ins with various co-workers,” he says. “This helps to stay connected to what is going on in the office and enhances your relationship with your co-workers.”

3. Look to the cloud for collaboration

Services like Dropbox, Evernote, Hightail and others have made it easier than ever to share documents for collaboration. Additionally, according to Leonard, project management programs can connect groups of remote workers to keep everyone current on what is getting done. He recommends Glip, a team productivity app that allows home-workers to chat with coworkers, create and manage task lists, schedule meetings and events, share files and videoconference.

“Through task management lists, it clearly lays out what everyone’s role is, which helps to eliminate any confusion over who should be accountable for certain aspects of a project,” he says. Such time-saving tools “boost productivity in a way that rivals any other method.”

Pulse Infomatics, an applications development and IT consulting provider, uses Glip for collaborative discussions with employees, all of whom work remotely, according to company founder Matthew Moran. While Moran relies on a variety of tools for collaboration, including Google Drive for long-form documents and Google Calendar, he prefers Glip over Google Chat for online discussions. “I don’t want to be on public chat all day,” he says. “The only ones who see you’re online are part of the organization, so you don’t get interrupted as you would on [Google Chat] or Facebook.”

In addition to online discussions, Moran’s team uses the app (which he says is similar to other team communications apps such as HipChat and Slack) for videoconferencing, screen-sharing and file sharing. Pulse also invites clients into discussions through Glip and holds weekly video chats with each client.

With so many collaborative apps available, “We move between tools based on what we need to do,” he says. “If we need to share code, we might post it on GitHub or copy/paste it into Glip.” The company also uses TeamViewer for screen-sharing, as well as Smartsheets, which Moran describes as a cross between a spreadsheet and a project management tool. He particularly likes that the application sends automated alerts about outstanding tasks to the people to whom they are assigned.

Read the full article at networkworld.com.


Why Healthcare Cloud Management is a Top Industry Concern

By News

In the increasingly digital healthcare industry, it is essential to understand the available healthcare cloud management solutions for IT and data needs.

The healthcare sphere is increasingly a data-driven and interconnected system of information sharing, ranging from patient electronic health records to cost and value metrics, clinical trial sets, readmission rates and even genomic sequencing. This is why healthcare cloud management solutions have become a more critical aspect of the healthcare IT space.

A 2014 EMC report indicated that the healthcare data space is growing at a rate of 48 percent per year, exceeding the 40 percent expansion across all of the digital realm. With such a diverse knowledge flow across the healthcare value chain from payers to providers and insurers, the need to securely coordinate and disseminate this information stream becomes critical.


And this issue goes well beyond the news-grabbing headlines associated with cyberattacks and data breaches, which in 2015 accounted for nearly 100 million records accessed by unauthorized parties. An integrated and enterprise-wide platform for information transmission is an essential element in developing an efficient and well-functioning network.


Understanding healthcare cloud infrastructure

This dynamic demands that healthcare participants, regardless of their place in the value chain, invest considerable capital in building a robust and highly operable IT architecture. For an increasing number of operations this means investments in cloud-based management systems.

A recent Dell study found that healthcare cloud application usage made a significant jump between 2014 and 2015. Specifically, cloud adoption increased from 25 percent in 2014 to 41 percent in 2015 in the healthcare field.

Cloud computing platforms provide a comprehensive solution-based approach for IT departments to manage their operating environment, providing not just a secure environment for knowledge and data exchange, but an orderly, fast, effective and convenient one.

Cloud-enabled systems provide endpoint administration across an organization’s ecosystem. The upshot is that IT assets are accessible enterprise-wide without the cost and maintenance associated with traditional on-site server systems.

What are the healthcare cloud advantages?

The capabilities of cloud technologies are myriad and becoming more valuable in the healthcare industry and beyond. These competencies include:

  • Patching
  • Discovery and Inventory Tools
  • Software Distribution
  • Administration
  • Software License Monitoring
  • Discovery and Invoice Management
  • Custom Dashboards and Reports

Perhaps there is no greater emphasis for IT departments than patching, which is the means to consistently maintain the operating environment and keep the technology up-to-date.

Patching is primarily centered on software updates impacting the devices and systems of an organization. This is one of IT departments’ most critical tasks, as the primary target of cyber criminals is unpatched vulnerabilities in apps and the OS. The risk is acute as the 2016 IBM Security Report, which covers 18 years of patches, indicates there are over 100,000 known vulnerabilities. That works out to around 5,000 a year per device.

Yet, according to the Cisco 2015 Annual Security Report, only four in 10 company IT departments have a coordinated patching strategy.

Cloud-based systems management tools provide a repeatable, efficient and scalable regime to handle the stream of updates from a diverse array of operating systems including: Microsoft, Adobe, Cisco, Java, Apple and third-party vendors.

Read the full article at healthitsecurity.com.


Syxsense Honored With 2016 Technology Innovator Award

By Awards, News

CMS Receives Acclaim From Global Corporate Vision Publication

ALISO VIEJO, CA - (Marketwired - Jun 6, 2016) - Verismic, a global leader in cloud-based IT Management technology, is proud to announce its recent win at the 2016 Technology Innovator Awards. Hosted annually by Corporate Vision Magazine, the awards recognize winners for their groundbreaking achievements in utilizing technology to fundamentally improve the global business landscape. Verismic was honored as a transformational organization bringing world-class ideas, best practices, ingenious products, services and thought leadership to the marketplace.


“To secure this acclaim is a privilege for our company,” says president and CEO Ashley Leonard. “This award is the latest recognition of Verismic’s ability to help organizations run their businesses more productively, efficiently and environmentally friendly.”

The innovative agentless and cloud-based model of Syxsense enables rapid deployment to all computers in a company’s network. This simplifies tasks like Microsoft and third-party patching, software distribution, power management and inventory gathering.

“When you examine the incredible organizations from around the world that are honored year-over-year by Corporate Vision Magazine, Verismic is in elite company,” says Leonard. “Our innovative Syxsense is changing how businesses administer their resources. The organizational movement toward a green energy strategy is not only about the environment, but reducing costs and maximizing profit.”

Corporate Vision Magazine’s platforms reach a global audience of over 170,000 professionals and executives, signifying the importance of earning the accolade.


Verismic Software Embraces Two-Factor Authentication for CMS Platform

By News

Verismic Software has embraced two-factor authentication for its Syxsense platform, the company has announced.

Now, in addition to the standard username-and-password security system, CMS also enables second-factor authentication via email, SMS, or Google Authenticator, the QR code-based authentication system recently embraced by WordPress. It’s a move aimed at shoring up clients’ protection against rising digital threats. Explaining the implementation of two-factor authentication in a statement, Verismic Software CEO Ashley Leonard pointed to the “serious concerns” of phishing and identity fraud.


As in the case of WordPress’s embrace of Google Authenticator, it is not compulsory for CMS users to adopt two-factor security. But as Leonard puts it, by enabling the option for clients, Verismic Software is “keeping control of the network environment securely in the hands of the IT managers.” And given the growing awareness of digital threats among IT teams across various industries and sectors, it seems likely that many security professionals will take advantage of CMS’s new security options.


This post was originally featured on Mobile ID World.