Monthly Archives

February 2018


Syxsense Launches IoT Device Management

By Video


New feature provides a centralized IT management solution to track IoT devices.

ALISO VIEJO, Calif. (February 27, 2018) – Verismic, a global leader in cloud-based IT management technology, has released a new Syxsense version featuring a centralized solution to track IoT devices.  This new feature is a proactive solution that dynamically indicates what IoT devices have been added to your network. IoT devices automatically appear in the console the first time Syxsense is opened.

Thousands of different IoT devices already permeate corporate infrastructures. Currently, IT departments may not have insight into what those devices are. If the IT department is only managing your laptops, desktops, and servers, it is not enough. Anything with an IP address, from a phone to the office coffee machine, has the potential to connect to the same infrastructure as servers.

“Our IoT Device Management feature will solve the problem of visibility into the major vulnerabilities IoT devices present. You may be shocked to see the number of devices already connected to your network,” commented Ashley Leonard, CEO for Verismic Software. “Over time, your Syxsense archive data becomes progressively more meaningful as you see the number of managed devices rise.”

“Suppose for security reasons you run your corporate servers and workstations with no access to the internet,” said Diane Roger, Chief Product Officer for Syxsense. “Unfortunately, even secure on-premise networks can be exposed. If an employee brings in a seemingly innocuous smart device, suddenly your isolated internal network is open to the internet and its ransomware attacks. Syxsense is a way to prevent that vulnerability.”

For more information about Syxsense, visit www.syxsense.com/internet-of-things.

Start a Free Trial of Syxsense

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

February Patch Tuesday: Hackers Say Hello

By News, Patch Tuesday

Telegram Messenger Exploited Again

Back in March 2017 we saw the “Secure” WhatsApp and Telegram messenger applications exploited when a user received a seemingly harmless image file that actually hosted malicious HTML code.

This code directed them to a webpage specifically crafted to harvest personal data from the user's device and hijack their accounts.

Today it seems that Telegram did not learn its lesson. The application has been exploited again using the same flaw, this time with the aim of distributing malicious software that harnesses the user's device for mining cryptocurrencies.

The 2018 exploit again works by the hacker sending an image file, to be opened by the user, which hosts a malicious VB Script. The file would, for example, be called photo_high_re*U+202E*gnp.js.

Note the U+202E part of the name: this is the right-to-left override (RLO) character, which tells Telegram to display the remaining string in reverse, hiding the script while the file keeps its js extension.

While this exploit primarily targets home users, it is not limited to this audience. Having a capable systems management tool like Syxsense in your environment can help combat these kinds of attacks, which are becoming more and more frequent.

IoT devices are being targeted by hackers. In the midst of the WannaCry outbreak reports, a factory was reportedly exploited even though its devices had no direct internet access at the time. After investigation, the culprit was found to be a coffee machine with Wi-Fi capability.

James Rowney, Service Manager for Verismic commented: “In this day and age we are seeing more and more convenience devices that are obviously designed to make our lives easier when in fact we are just leaving ourselves open to attack.”

When looking at such appliances, we need to consider the potential fallout if they were to be exploited, especially in the workplace. If a coffee machine can take down a factory, then anything is possible.

Be vigilant, stay protected and consider a systems management tool with IoT tracking capabilities like Syxsense.


Patch Tuesday Release

“January 2018 was one of the worst months for patching I have seen since I joined Verismic,” said Verismic Service Manager, James Rowney. “The vast amount of patches released last month left in its wake a sea of bluescreened machines, broken applications and inactive Web browsers. February seems to be following suit which will cause headaches for IT admins.”

2017 saw a similar trend with the headache months being February and November primarily but on the whole it seems that last year was significantly worse than 2016. This does seem to coincide with the change in the way Microsoft handled their patch releases. Let’s hope the rest of this year is more fruitful or it may be worth Microsoft considering going back to their old release strategy.

Microsoft addressed 49 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Edge, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore and Adobe Flash. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service condition.

We have chosen a few updates to prioritize this month. This recommendation has been made using evidence from industry experts (including our own) and anticipated business impact.

| CVE-ID | Vendor Name | Title | CVSS | Recommended |
|---|---|---|---|---|
| CVE-2018-0825 | Microsoft | Microsoft Windows StructuredQuery Arbitrary Code Execution Vulnerability | 8.1 | Yes |
| CVE-2018-0844 | Microsoft | Microsoft Windows Common Log File System Driver Privilege Escalation Vulnerability | 7.8 | Yes |
| CVE-2018-0846 | Microsoft | Microsoft Windows Common Log File System Driver Privilege Escalation Vulnerability | 7.8 | Yes |
| CVE-2018-0840 | Microsoft | Microsoft Edge and Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0847 | Microsoft | Microsoft Internet Explorer Information Disclosure Vulnerability | 7.5 | Yes |
| CVE-2018-0866 | Microsoft | Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability | 7.5 | Yes |
| CVE-2018-0742 | Microsoft | Microsoft Windows Kernel Privilege Escalation Vulnerability | 7 | |
| CVE-2018-0756 | Microsoft | Microsoft Windows Kernel Privilege Escalation Vulnerability | 7 | |
| CVE-2018-0809 | Microsoft | Microsoft Windows Privilege Escalation Vulnerability | 7 | |
| CVE-2018-0820 | Microsoft | Microsoft Windows Kernel Privilege Escalation Vulnerability | 7 | |
| CVE-2018-0823 | Microsoft | Microsoft Windows Named Pipe File System Privilege Escalation Vulnerability | 7 | |
| CVE-2018-0826 | Microsoft | Microsoft Windows Storage Services Privilege Escalation Vulnerability | 7 | |
| CVE-2018-0842 | Microsoft | Microsoft Windows Arbitrary Code Execution Vulnerability | 6.7 | |
| CVE-2018-0828 | Microsoft | Microsoft Windows Privilege Escalation Vulnerability | 6.6 | |
| CVE-2018-0831 | Microsoft | Microsoft Windows Kernel Privilege Escalation Vulnerability | 6.6 | |
| CVE-2018-0755 | Microsoft | Microsoft Windows OpenType Font Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0760 | Microsoft | Microsoft Windows OpenType Font Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0761 | Microsoft | Microsoft Windows OpenType Font Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0853 | Microsoft | Microsoft Office Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0855 | Microsoft | Microsoft Windows OpenType Font Information Disclosure Vulnerability | 5.5 | |
| CVE-2018-0864 | Microsoft | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0869 | Microsoft | Microsoft SharePoint Cross-Site Scripting Vulnerability | 5.4 | |
| CVE-2018-0821 | Microsoft | Microsoft Windows AppContainer Privilege Escalation Vulnerability | 5.3 | |
| CVE-2018-0827 | Microsoft | Microsoft Windows Security Feature Bypass Vulnerability | 5.3 | |
| CVE-2018-0833 | Microsoft | Microsoft Windows SMB Request Processing Denial of Service Vulnerability | 4.8 | |
| CVE-2018-0757 | Microsoft | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0810 | Microsoft | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0829 | Microsoft | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0830 | Microsoft | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0832 | Microsoft | Microsoft Windows Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0843 | Microsoft | Microsoft Windows Kernel Information Disclosure Vulnerability | 4.7 | |
| CVE-2018-0839 | Microsoft | Microsoft Edge Information Disclosure Vulnerability | 4.3 | |
| CVE-2018-0850 | Microsoft | Microsoft Outlook Security Bypass Vulnerability | 4.3 | |
| CVE-2018-0763 | Microsoft | Microsoft Edge Information Disclosure Vulnerability | 4.2 | |
| CVE-2018-0834 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0835 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0836 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0837 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0838 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0841 | Microsoft | Microsoft Office Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0851 | Microsoft | Microsoft Office Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0852 | Microsoft | Microsoft Outlook Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0856 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0857 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0858 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0859 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |
| CVE-2018-0860 | Microsoft | Microsoft Edge Scripting Engine Memory Corruption Vulnerability | 4.2 | |

Internet of Threats: Third-Party Patch Update

By News

Managing the Risks of IoT

Our definition of a necessary third-party patch is about to get much broader. With more IoT devices connecting to your network, it becomes mandatory to know what’s out there.

Back in May 2017, an 11-year-old boy took the stage and showed that cybersecurity is about to get much more difficult. Using a Raspberry Pi, Python, and a Wi-Fi enabled teddy bear, this ‘cyber ninja’ scanned a cybersecurity conference and hacked devices from the audience.

Reuben Paul, the boy in question, tweeted after: “It was fun but I hope people did not miss the message – Secure IoT before the Internet of Toys becomes the Internet of Threats.”

This lesson must not be missed. We must find a way to secure the Internet of Things. Attacks are already being executed taking advantage of the IoT. When an 11-year-old can illustrate the dangers using a teddy bear, it’s time to take a hard look at what any of us are doing to protect our businesses.

We’ve already begun to see the IoT change the way we live and work. As this trend accelerates, solutions need to emerge to protect our privacy.

Syxsense is ready and at the forefront of that battle. Our product is the first of its kind, able to detect and manage devices in the IoT.

Come see the future of IT management and start a trial of Syxsense.

Third-Party Patch Updates

Below is a table of third-party updates from January 2018:

| Vendor | Category | Patch Version and Release Notes | CVSS Score |
|---|---|---|---|
| Adobe | Media Software | Flash, AIR, and ActiveX: 28.0.0.137 – https://helpx.adobe.com/flash-player/release-note/fp_28_air_28_release_notes.html | N/A |
| Apple | Media Software | iTunes: 12.7.3 – https://support.apple.com/kb/dl1814?locale=en_US; Safari: 11.0.3 – https://support.apple.com/en-us/HT208475; macOS High Sierra: 10.13.3 – https://support.apple.com/en-us/HT208465 | CRITICAL |
| Don Ho | | Notepad: 7.5.4 – https://notepad-plus-plus.org/news/notepad-7.5.4-released.html | N/A |
| Evernote Corporation | | Evernote: 6.8.7.6387 – https://evernote.com/download | N/A |
| FileZilla | FTP Solution | 3.30 – https://filezilla-project.org/versions.php | N/A |
| Google | Browser | Chrome: 64.0.3282.119 – https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html | N/A |
| Mozilla | Browser and Email Client | Firefox: 58.0.1 – https://www.mozilla.org/en-US/firefox/58.0.1/releasenotes/; Thunderbird: 52.6.0 – https://www.mozilla.org/en-US/thunderbird/52.6.0/releasenotes/ | N/A |
| Oracle | | JavaJDK: 8u162 – http://www.oracle.com/technetwork/java/javase/8u162-relnotes-4021436.html; JavaJDK: 9.0.4 – http://www.oracle.com/technetwork/java/javase/9-0-4-relnotes-4021191.html | N/A |
| Wireshark | Network Protocol Analyzer | 2.4.4 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html | N/A |