Skip to main content
Monthly Archives

September 2017

Instagram Takes a Peek: October Third-Party Patch Update

By Patch ManagementNo Comments

[vc_single_image source=”featured_image” img_size=”medium”]

Even celebrity status can’t protect your data

At the beginning of September, a news story broke that Selena Gomez had her Instagram hacked. Why does the Instagram of a celebrity matter this time? Because this hack goes much further.
Instagram won’t confirm just how many accounts were affected, but the hackers claim they have information on 6 million users. They used this information to set up a site called Doxagram, where you could pay to search for the private contact information of these users. These accounts included almost all of the 50 most followed Instagram accounts. People like Rihanna, Emma Watson, Floyd Mayweather, and even the official account of the white house.

Kaspersky Labs reported to Facebook that there was a flaw within the Instagram mobile app password reset option. However, it was in a 2016 version of the app, so if you have kept Instagram up to date, you should be protected.

This is just another lesson why it’s so critical to keep up to date on software patches. Any vulnerability, even in an unsuspecting, non-business software like Instagram, could lead to a major breach.

CCleaner adds malware to your devices

Avast, the parent company to Piriform, discovered that two of their products had been compromised. Hackers breached these two products and added malware into the new version. Then anyone who installed CCleaner also got this malware that allowed hackers to control the infected computer.

Affected Piriform products:

  • CCleaner v5.33.6162
  • CCleaner Cloud v1.07.3191

The software has since been updated to remove the malware, but the damage has been done. Piriform says that they fixed things “before any known harm was done” and that no sensitive data was collected. While that might be true, it doesn’t mean the hackers didn’t accomplish their goals. They go access to a massively used software and that, in turn, gave them a back door into businesses that use it.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

Third-Party Updates

Every month we see a bevy of new third party updates, and are always enhancing our library of supported vendors. Special requests and additions are welcomed. This month’s releases include:

Below are a list of third-party software updates for the month:

Vendor Category Patch Version and Release Notes Link:
Adobe Media Software Flash Player 27 and AIR 27: https://helpx.adobe.com/flash-player/release-note/fp_27_air_27_release_notes.html
Google Web Browser Chrome 61.0.3163.100: https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html
Ivo Soft Misc. ClassicShell_v4.3.1: http://www.classicshell.net/history/
Peter Pawlowski Audio Player Foobar2000_v1.3.16: http://www.foobar2000.org/changelog
[vc_separator]

Start Patching

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

Equifax Hack – What To Do Now

By NewsNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Three Steps To Protect Yourself and Your Company

Earlier this month we learned that criminals gained access to certain files in Equifax’s system from mid-May to July by exploiting a weak point in website software.

The big lesson here: Prepare yourself; this will happen again. You should already assume you are affected by the Equifax hack, just to be safe. Here are three steps you should take to protect yourself.

[vc_single_image image=”12852″ img_size=”200×200 px” alignment=”center”]

It is becoming increasingly difficult for companies to protect online data. To prevent a catastrophe, it’s important to implement rigorous patch management methods.

Updates should be tested and deployed in a safe, but rapid fashion. Reports and audit logs should also be provided to track the status of any tasks or view any systems that have been improperly accessed.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

Syxsense is the solution for managing your IT environment. Our content is thoroughly tested, so you can rely on a smooth deployment. Our reports and audit logs are detailed, so you won’t miss any critical information. With two-factor authentication and 2048-bit encryption, you won’t have to worry about your IT tool being a weak point.

Secure your environment and discover a better way to manage with Syxsense.

Avoid Major Patch Pitfalls

By Patch ManagementNo Comments
[vc_single_image source=”featured_image” img_size=”medium”]

Whitepaper: Top 5 Patch Mistakes

With countless approaches to patch management, there are many misconceptions about the best strategy. After a year of global cyberattacks such as WannaCry and Petya, companies need to take every step against critical vulnerabilities and future outbreaks.

There is no excuse for delaying patching or taking major missteps when IT security is on the line. In many cases, heavily targeted vulnerabilities are addressed in previous patches, one of the many reasons it should be top priority.

A simple effective patch management strategy is the key to IT success. This doesn’t mean worrying about cyberattacks for a week every time something like WannaCry hits the press.

Patching should be a standard IT process to ensure your organization is always protected. Although many companies rely on auto-updates, our whitepaper explains why this can actually lead to more security holes.

This whitepaper breaks down the assumptions that many IT professionals have about managing their environment. When a future ransomware attack occurs, these mistakes could significantly contribute to the spread of malware.

When the next doomsday strikes, you should be completely bulletproof. With a critical patch management approach, you will always be prepared.

[dt_default_button link=”url:%20https%3A%2F%2Fgo.pardot.com%2Fl%2F62402%2F2017-07-19%2F3shh6q|||” size=”big” button_alignment=”btn_center”]DOWNLOAD THE WHITEPAPER[/dt_default_button]
[vc_single_image image=”12806″ img_size=”medium” alignment=”center” onclick=”custom_link” link=”https://go.pardot.com/l/62402/2017-07-19/3shh6q”]
[vc_separator]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.staging2.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
|

Breaking Patch News: Zero-Day Flaw

By News, Patch TuesdayNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Patch Now: Microsoft Fixes Zero-Day Flaw

Two major security flaws were addressed in the latest Patch Tuesday update. The first was a zero-day vulnerability that is currently being used in attacks against Russian-speaking users. The second is a response to the new BlueBorne exploit that targets Bluetooth devices.

If you’ve deployed the Patch Tuesday updates for September, you already have these updates. However, if you haven’t already done so, we strongly urge you make this your top priority.

We know Microsoft’s Patch Tuesday bundle can be a real pain and kill your day, but that’s where Syxsense can help. With our maintenance windows and patch queries, you can set automatic tasks to deploy Patch Tuesday Updates every month they are released and schedule them around business hours.

It’s important to avoid a loss of productivity, but it’s also critical to keep your systems free of vulnerabilities by patching. Syxsense allows you to do both. There’s no excuse for not patching your systems and great risk with waiting to deploy updates.

[vc_single_image image=”12852″ img_size=”200×200 px” alignment=”center”]

Equifax Should Have Patched

Another reason to keep up to date on patches; breaches like Equifax. It seems they have tracked down the source of the security breach, a flaw in the Apache Struts Web Framework. This vulnerability was revealed back in March and has an update that fixes it.

It seems this isn’t the end of Equifax’s incompetence, but only the beginning. An unrelated discovery found that Equifax’s Argentinian website had their administrator user/password login to admin/admin. There are not words for how foolish this is.

This is one of the three major agencies charged with tracking our financial lives. It’s important that punishment comes and safeguards are put in place so that something like this never happens again.

To protect and patch your environments, start a trial of Syxsense today.

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.staging2.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
|||

September Patch Tuesday: Escaping the Equi-Hack

By News, Patch Management, Patch TuesdayNo Comments
[vc_single_image source=”featured_image” img_size=”medium”]

Money Well Spent

Every dollar of fraud to merchants and firms in the retail and financial services sector is estimated to cost $2.66 on average, said a new fraud report.

The LexisNexis Fraud Multiplier estimates the total amount of loss a business incurs, based on chargebacks, fees, interest, merchandise replacement and redistribution.

The study also investigates fraud costs as a percentage of revenues, as reported by survey respondents, to be nearly 2 percent (1.90 percent) across retail, e-commerce, financial services and digital lending businesses. Businesses that sell digital goods and/or conduct transactions primarily through remote channels take an even harder hit to their bottom line at 2.51 percent of revenues.

Robert Brown, Director of Services for Verismic says, “It’s astonishing how much money is being lost because critical systems are not being kept up to date. Updating critical systems is so easy using Syxsense. We recommend starting a trial to see how it can work for you.” Full article can be found here.

As recent as last Wednesday, a U.S. government website was hosting malicious ransomware. It has been wildly speculated that either the site was hacked, or it possibly stores attachments from government officials’ emails and the downloader was archived.

[vc_single_image image=”13032″ img_size=”200×200 px”]

The ransomware had similarities to the Blank Slate spam campaign which earlier this year was spreading Cerber. Emails in that campaign contained only a double-zip archive with the second containing either a malicious JavaScript file or a malicious Microsoft Word document. The emails contain no text, and experts believed then that all of this combined to evade detection.

Researcher Ankit Anubhav of NewSky Security tweeted the discovery Wednesday, and within hours, the malware link was taken down. It’s unknown whether anyone was infected through the site, full article can be found here.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center”]START FREE TRIAL[/dt_default_button]

Check your Equifax Credit Report and Score Now

Victims of the massive Equifax breach may have to wait days to find out if they were impacted. Americans who either applied for new jobs, loans, or just wanted to check their credit score via Equifax are having a difficult time getting answers as to whether they are part of the breach of 143 million records that occurred Thursday.

Details of how this breach happened is still very unclear, however with companies suffering the same fate over the past year, the root cause is likely to be via a sophisticated cyberattack exposed using vulnerable software or operating systems.

Robert Brown, Director of Services for Verismic says, “We recommend clients download our ‘5 Biggest Patch Mistakes‘ whitepaper.

Microsoft published its monthly security updates on September 12, 2017. Microsoft addressed 81 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, and Microsoft Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service. Full details of the complete Security Update Guide can be found here.

Microsoft Updates

We have chosen a few updates to prioritize this month. This recommendation has been made using evidence from industry experts (including our own), anticipated business impact and the independent CVSS score for the vulnerability. The independent CVSS scores used in the table below range from 0 to 10. Vulnerabilities with a base score in the range 7.0-10.0 are High, those in the range 4.0-6.9 as Medium, and 0-3.9 as Low.

ID Vulnerability Alert CVSS Score Recommended
CVE-2017-8686 Microsoft Windows DHCP Server Remote Code Execution Vulnerability 9.8 Yes
CVE-2017-8630 Microsoft Office Memory Corruption Vulnerability 9.6 Yes
CVE-2017-8631 Microsoft Office Memory Corruption Vulnerability 9.6 Yes
CVE-2017-8632 Microsoft Office Memory Corruption Vulnerability 9.6 Yes
CVE-2017-8725 Microsoft Office Publisher Arbitrary Code Execution Vulnerability 9.6 Yes
CVE-2017-9417 Microsoft Windows HoloLens Wireless Network Driver Arbitrary Code Execution Vulnerability 8.8 Yes
CVE-2017-8567 Microsoft Office Arbitrary Code Execution Vulnerability 8.6 Yes
CVE-2017-8744 Microsoft Office Memory Corruption Vulnerability 8.6 Yes
CVE-2017-8682 Microsoft Windows Graphics Component Remote Code Execution Vulnerability 8.4 Yes
CVE-2017-8742 Microsoft PowerPoint Arbitrary Code Execution Vulnerability 8.3 Yes
CVE-2017-8743 Microsoft PowerPoint Arbitrary Code Execution Vulnerability 8.3 Yes
CVE-2017-0161 Microsoft Windows NetBIOS Packet Processing Arbitrary Code Execution Vulnerability 8.1 Yes
CVE-2017-8628 Microsoft Windows Bluetooth Driver Spoofing Vulnerability 8.1 Yes
CVE-2017-8714 Microsoft Windows Remote Desktop Virtual Host Arbitrary Code Execution Vulnerability 7.8 Yes
CVE-2017-8720 Microsoft Windows Win32k Kernel Driver Privilege Escalation Vulnerability 7.8 Yes
CVE-2017-8759 Microsoft .NET Framework Arbitrary Code Execution Vulnerability 7.8 Yes
CVE-2017-8695 Microsoft Windows Uniscribe Component Information Disclosure Vulnerability 7.5 Yes
CVE-2017-8696 Microsoft Windows Uniscribe Component Arbitrary Code Execution Vulnerability 7.5 Yes
CVE-2017-8702 Microsoft Windows Privilege Escalation Vulnerability 7.5 Yes
CVE-2017-8747 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2017-8749 Microsoft Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2017-8750 Microsoft Edge and Internet Explorer Memory Corruption Vulnerability 7.5 Yes
CVE-2017-8706 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2017-8707 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2017-8711 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2017-8712 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2017-8713 Microsoft Windows Hyper-V Information Disclosure Vulnerability 7.2 Yes
CVE-2017-8675 Microsoft Windows Win32k Kernel Driver Privilege Escalation Vulnerability 7 Yes
CVE-2017-8699 Microsoft Windows Shell Command Arbitrary Code Execution Vulnerability 6.4
CVE-2017-8758 Microsoft Exchange Cross-Site Scripting Vulnerability 6.1
CVE-2017-8677 Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability 5.5
CVE-2017-8678 Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability 5.5
CVE-2017-8679 Microsoft Windows Kernel Information Disclosure Vulnerability 5.5
CVE-2017-8680 Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability 5.5
CVE-2017-8681 Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability 5.5
CVE-2017-8683 Microsoft Windows Graphics Component Information Disclosure Vulnerability 5.5
CVE-2017-8684 Microsoft Windows Win32k Graphics Component Information Disclosure Vulnerability 5.5
CVE-2017-8685 Microsoft Windows Win32k Graphics Component Information Disclosure Vulnerability 5.5
CVE-2017-8687 Microsoft Windows Win32k Kernel Driver Information Disclosure Vulnerability 5.5
CVE-2017-8688 Microsoft Windows Graphics Device Interface Information Disclosure Vulnerability 5.5
CVE-2017-8629 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2017-8745 Microsoft SharePoint Cross-Site Scripting Vulnerability 5.4
CVE-2017-8704 Microsoft Windows Hyper-V Denial of Service Vulnerability 5.3
CVE-2017-8746 Microsoft Windows Device Guard Security Feature Bypass Vulnerability 5.3
CVE-2017-11761 Microsoft Exchange Information Disclosure Vulnerability 5.3
CVE-2017-8692 Microsoft Windows Uniscribe Component Arbitrary Code Execution Vulnerability 5
CVE-2017-8716 Microsoft Windows Security Feature Bypass Vulnerability 4.9
CVE-2017-8708 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2017-8709 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2017-8719 Microsoft Windows Kernel Information Disclosure Vulnerability 4.7
CVE-2017-8710 Microsoft Windows Kernel Information Disclosure Vulnerability 4.4
CVE-2017-8597 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.3
CVE-2017-8643 Microsoft Edge Information Disclosure Vulnerability 4.3
CVE-2017-8648 Microsoft Edge Scripting Engine Information Disclosure Vulnerability 4.3
CVE-2017-8723 Microsoft Edge Security Bypass Vulnerability 4.3
CVE-2017-8724 Microsoft Edge Spoofing Vulnerability 4.3
CVE-2017-8733 Microsoft Internet Explorer Spoofing Vulnerability 4.3
CVE-2017-8735 Microsoft Edge Spoofing Vulnerability 4.3
CVE-2017-8736 Microsoft Edge and Internet Explorer Information Disclosure Vulnerability 4.3
CVE-2017-8739 Microsoft Edge Scripting Engine Information Disclosure Vulnerability 4.3
CVE-2017-8649 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8660 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8728 Microsoft Windows PDF Document Processing Arbitrary Code Execution Vulnerability 4.2
CVE-2017-8729 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8731 Microsoft Edge Memory Corruption Vulnerability 4.2
CVE-2017-8734 Microsoft Edge Memory Corruption Vulnerability 4.2
CVE-2017-8737 Microsoft Windows PDF Document Processing Arbitrary Code Execution Vulnerability 4.2
CVE-2017-8738 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8740 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8741 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8748 Microsoft Edge and Internet Explorer Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8751 Microsoft Edge Memory Corruption Vulnerability 4.2
CVE-2017-8752 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8753 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8754 Microsoft Edge Security Bypass Vulnerability 4.2
CVE-2017-8755 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8756 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-8757 Microsoft Edge Arbitrary Code Execution Vulnerability 4.2
CVE-2017-11764 Microsoft Edge Scripting Engine Memory Corruption Vulnerability 4.2
CVE-2017-11766 Microsoft Edge Memory Corruption Vulnerability 4.2
CVE-2017-8676 Microsoft Windows Graphics Device Interface Information Disclosure Vulnerability 3.3
[vc_separator]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
||

Massive Equifax Cyberattack Affects 143 Million

By NewsNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Hackers Access Personal Data of 143 Million Consumers

The credit reporting agency Equifax revealed that hackers gained access to company data that potentially compromised sensitive information for 143 million American consumers, including Social Security numbers and driver’s license numbers.

Criminals took advantage of a website vulnerability to gain access to files from mid-May through July of this year. The intruders also accessed dispute documents with personal identifying information for about 182,000 consumers.

To put that in perspective, per the US census Bureau, there are 323.1 million people in the US as of 2016. Nearly half of all US citizens just had their SSN stolen. Reports indicate that UK and Canadian consumers have been affected by the attack as well.

Equifax revealed that the leak was discovered on July 29th and took steps to stop the intrusion. It then hired a cybersecurity firm to determine the extent of the intrusion and what damage was done. The company reports that it has involved law enforcement, but it’s not clear at this point how the intruders entered the system or exactly what they took.

[vc_single_image image=”13020″ img_size=”200×200 px” alignment=”center”]

It is becoming increasingly difficult for companies to protect online data. To prevent a catastrophe, it’s important to implement rigorous patch management methods.

Updates should be tested and deployed in a safe, but rapid fashion. Reports and audit logs should also be provided to track the status of any tasks or view any systems that have been improperly accessed.

Syxsense is the solution for managing your IT environment. Our content is thoroughly tested, so you can rely on a smooth deployment. Our reports and audit logs are detailed, so you won’t miss any critical information. With two-factor authentication and 2048-bit encryption, you won’t have to worry about your IT tool being a weak point.

Secure your environment and discover a better way to manage with Syxsense.

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Ftrial-sign-up%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
||

Invasion of the Body Hackers

By NewsNo Comments
[vc_single_image source=”featured_image” img_size=”full”]

Protect Your Pacemaker

Even pacemakers are vulnerable without updates. On August 29th, the FDA issued an alert regarding Abbott pacemakers. Formerly known as St. Jude Medical, the Abbott pacemakers below have vulnerabilities in their software.

Almost half a million people in the United States are highly recommended to get their pacemakers updated, as they are vulnerable to hacking.

You should contact your physician(s) if you or a family member rely on one of these devices.

Here are the vulnerable pacemakers and CRT-P devices:

  • Accent
  • Anthem
  • Accent MRI
  • Accent ST
  • Assurity
  • Allure

*This does NOT apply to any implantable cardiac defibrillators (ICDs) or cardiac resynchronization ICDs (CRT-Ds)*

So, why are we telling you about this? Doesn’t Syxsense just deal with computers? As everything in our world becomes connected to the internet, we will keep you up to date on all manner of relevant news.

[vc_single_image image=”13003″ img_size=”200×200 px” alignment=”center”]

In this case, keeping your device up to date could be protecting your literal health. This also serves as a good metaphor to learn from and apply to your IT management. One vulnerability in a place you least expect could be disastrous. Make sure to implement a cloud-based, IT solution to manage all your devices.

Syxsense simplifies discovery so you can quickly identify devices that need updates. From there, it’s simple to target those devices and deploy patches.

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]
|

BitPaymer Ransomware Hits NHS

By NewsNo Comments
[vc_single_image source=”featured_image” img_size=”large”]

Is BitPaymer going to be bigger than WannaCry?

On August 25th, a handful of Scottish hospitals was infected with the BitPaymer ransomware. This group of hospitals, responsible for more than 654,000 residents, was also hit during the WannaCry ransomware event three months ago.

Although the hospitals reacted quickly and avoided paying a ransom, the hack caused major disruption, leading to thousands of cancelled appointments.

While a bullet was dodged here, BitPaymer has the potential to be much larger than WannaCry. A big danger is that this hack utilizes computers with RDP. According to some estimates, there are over 4 million endpoints vulnerable like this. That is 10 times more computers than WannaCry infected.

While RDP is a useful tool for keeping people productive, it’s risks outweigh the benefits. It’s time to replace RDP with a secure, powerful solution. Syxsense offers a Remote Desktop Access feature. We prioritize security and utilize 2048-bit encryption for communication.

BitPaymer doesn’t need end user interaction to infect a device. To show you who is accessing devices and when, we provide comprehensive audit logs and reports. Replace RDP and sign up for a free trial of Syxsense today!

[vc_single_image image=”12852″ img_size=”180×180 px” alignment=”center”]

[vc_separator css=”.vc_custom_1494871528028{padding-top: 15px !important;padding-bottom: 5px !important;}”]

Get Started

Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.

[dt_default_button link=”url:https%3A%2F%2Fwww.syxsense.com%2Fsyxsense-trial%2F|||” size=”big” button_alignment=”btn_center” icon_type=”picker” icon_picker=”fas fa-angle-double-right” icon_align=”right”]START YOUR FREE TRIAL OF SYXSENSE[/dt_default_button]