Skip to main content
Monthly Archives

September 2018

||

FBI Alert: RDP Exploited

By NewsNo Comments

Hope you don’t rely on RDP

The FBI and Department of Homeland Security have released a new US-CERT Alert. Alert I-092718-PSA details the ramping up of cyber attacks exploiting the Remote Desktop Protocol.

RDP is included with Windows, and with millions utilizing that operating system, the vulnerability is widespread.

The alert states “The use of RDP creates risk. Because RDP has the ability to remotely control a system entirely, usage should be closely regulated, monitored, and controlled.” If you don’t use the service, the FBI and DHS recommend you disable it and block any corresponding ports.” It’s also important to regularly monitor your remote access activity.

Why Syxsense is a secure solution to replace RDP

  • Reports can be scheduled to regularly keep you up to date on remote access activity.
  • Syxsense comes with Two-Factor Authentication, ensuring only authorized users can use the solution. This is a feature the FBI recommends for remote access products.
  • The suite comes with other tools, such as our Patch Manager. This, too, is recommended in the alert; “Apply system and software updates regularly.”
  • Communication is 2048-bit Encrypted.
  • End user access controls.
  • No Forced open ports.

RDP is quickly becoming an attacker’s favorite way to access an IT environment. Secure your devices and replace RDP with a secure Remote Control solution. Syxsense has reliable Remote Control as well as many other useful features.

It’s time to ditch RDP. Start a free trial of Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 28, 2018
Love0
|||

Third-Party Patch Update: September 2018

By News, Patch ManagementNo Comments

Virobot Will Return

Cybersecurity firm Trend Micro has identified a new malware, Virobot. While it doesn’t appear to be connected to a previous strain of ransomware, it uses familiar techniques.

However, Virobot is ransomware, keylogger, and botnet all in one.

The ransomware infects the device and locks it down. While waiting for the ransom payment, it can then log key strokes, pull down additional ransomware to install, and use the device as a bot to spread itself.

As of the writing of this article, the Virobot C&C server was down. Thanks to previous examples, we can infer that this was likely only a test. Cyber actors will test out their capabilities in such a way to prepare for a larger attack later.

Will you be prepared for when that happens?

Ready for Anything

Use Syxsense to survey your environment and rapidly deploy any needed updates. On the home page, you can quickly see which devices require critical updates.

By clicking on the gadget, you’ll jump right into a patch deployment process, pre-populated to deploy all critical updates to all devices that need them. You can easily modify this task to be more specific or start the task as-is to deploy the critical patches.

Third-Party Patch Updates

Below is a table of third-party updates:

Vendor Category Patch Version and Release Notes:
Adobe Media Software  

Flash and Air: v31 – https://helpx.adobe.com/flash-player/release-note/fp_31_air_31_release_notes.html

 
Apple Media Software  

iTunes: v12.9.0.167 – https://en.wikipedia.org/wiki/History_of_iTunes#iTunes_12

 
Evernote  

Evernote: v6.15.3.7881 – https://evernote.com/security/updates

 
FileZilla FTP Solution  

FileZilla: v3.37.0 – https://filezilla-project.org/versions.php

 
Google Browser  

Chrome: v69.0.3497.100 – https://chromereleases.googleblog.com/2018/09/stable-channel-update-for-chrome-os.html

 
KeePass Password Manager  

KeePass: v2.40 – https://keepass.info/news/n180910_2.40.html

 
Mozilla Browser and Email Application  

Firefox: v62.0.2 – https://www.mozilla.org/en-US/firefox/62.0.2/releasenotes/

 
RealVNC Remote Access Software  

RealVNC Viewer: v6.18.907 – https://www.realvnc.com/en/connect/docs/desktop-release-notes.html

 
VSRevo Group  

Revo Uninstaller Pro: v4.0 – https://www.revouninstaller.com/revo_uninstaller_pro_full_version_history.html

 
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 25, 2018
Love0
||

Syxsense Featured in Inc. Magazine

By NewsNo Comments

CMS is Revolutionizing IT Management

In a recent article, Inc. Magazine featured Syxsense in an article titled “These Startups are Making Otherwise Boring Industries Extremely Attractive–Here’s How.”

“Saying IT work is less-than-sexy might not be the understatement of the year, but it’d be in the running. Syxsense is looking to change that with their cloud-based patch management software developed for businesses of all types and sizes.

With it, users can count on [the] system to remotely manage almost every inch of their IT infrastructure,” said Tom Popomaronis of Inc. Magazine.

Syxsense is focused on innovation. With an extensive list of powerful features, our toolset offers patch management, software distribution, remote control, and more.

Syxsense can manage Windows, Mac, and Linux devices with the largest library of third-party software updates.

There’s a better way to manage your IT environment. Learn how with a free trial of Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 25, 2018
Love0

Office 2019 Rollout with ‘Sneakernet’

By NewsNo Comments

How will you deploy Office 2019?

Office 2019 is now available.  As of today, commercial volume license customers, Windows or Mac, can begin their deployment process. According to Microsoft’s statement, Office 2019 should be available to all customers within a few weeks.

A new edition of Office means a massive rollout to the devices in your environment. To dramatically reduce the time and resources this could waste, IT departments should utilize a software deployment solution.

With something like Syxsense, you can upload a software package just once, but deploy it to every device you wish. Silent installs are also possible by including switch statements. Once uploaded to the packages section, it’s easy to target the software for a customized deployment.

The software distribution task has options like snooze reboot and maintenance windows to ensure that during this massive deployment, no work is interrupted.

And taking advantage of an interconnected solution like Syxsense means having access to functions like our reports. Now, as you complete your work, reports can summarize task status for anyone that might need it.

Don’t get overwhelmed with trying to deploy Office device by device. Start your trial of Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 24, 2018
Love0
|||||||

Critical Out-of-Band Adobe Update

By NewsNo Comments

Updates Released for Acrobat Reader and DC on Mac and Windows

A week after their usually-scheduled monthly update, Adobe released more patches to tackle several vulnerabilities. One of the vulnerabilities addressed is rated as critical. In their security bulletin, Adobe states “Successful exploitation could lead to arbitrary code execution in the context of the current user.”

The remaining vulnerabilities also addressed are rated as ‘important’, so they also could pose a significant threat. While there are no currently known exploits, Adobe recommends the updates be deployed as soon as possible.

Any company should have a stable update deployment strategy already in place. Since Adobe just released its monthly set of updates, work these additional patches into your remediation process. A true IT solution should facilitate the strategies that work best for your unique environments.

Never Miss an Update

Syxsense is straight-forward to use while being immensely customizable.

Its Patch Manager has both Microsoft updates and a massive library of third-party software updates. Within the individual patch information, the number of devices that require the update or need to be scanned for it is featured. By clicking either of these, a task is launched that is prepopulated for rapid execution.

In the devices section, the device health indicators and overview gadgets show the current state of device vulnerability. Information about devices that may need specific patches is immediately available.

Our system rules are sets of updates from predetermined vendors. These facilitate rapid update deployments. You can also easily create your own and set up repeatable deployments. Maintenance windows ensure tasks occur around business hours and don’t interrupt productivity. Finally, run reports to confirm that remediation has occurred and prove it to anyone who might need it.

There’s a better way to manage your environment. Start a trial with Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 20, 2018
Love0
||||

How Many Tools Does It Take to Patch All Your Devices?

By NewsNo Comments

Comparing Patch Management Solutions

Given the breadth of software systems in any given organization and the volume of patches being released by vendors, it’s not surprising that most IT departments are using more than one patch management tool, experts say.

Take Microsoft’s System Center Configuration Manager for example. It’s a widely used system that works well for Microsoft software but isn’t as useful for managing patches for non-Microsoft software systems. Many enterprise IT shops use that for Windows patches but implement other patch management tools to handle patches from other vendors. They might use Jamf for MacOS updates and another tool for 3rd party applications such as Chrome, Java or Adobe.

Why waste resources on trying to manage multiple software when one product can do everything you need? Syxsense can manage Windows, Mac, and Linux devices. It has the largest library of 3rd party software updates.

One and Done

Still not impressed? Syxsense can also manage Virtual Machines, laptops, desktops, and servers. Deploying Windows updates is easy with the Windows Feature Updates section.

The list of features contained in this single solution goes on. Syxsense has compliance reports, software distribution, remote control, and more.

One product can do it all. Eliminate unnecessary, redundant software and explore a better IT solution.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 19, 2018
Love0
||||

Ransomware Crashes Airport Displays

By NewsNo Comments

Bristol Airport Hit By Cyberattack

According to officials from the Bristol Airport, the attack started Friday morning.

It took out several computers over the airport network, including its in-house display screens which provide details about the arrival and departure information of flights.

Illustrated by photos posted by travellers on Twitter, airport officials were forced to use whiteboards and paper posters to announce information for flights and luggage pickup points.

“We are grateful to passengers for their patience while we have been working to resolve issues with flight information this weekend. Digital screens are now live in arrivals and departures. Work will continue to restore complete site-wide coverage as soon as possible,” the airport tweeted on Sunday.

This is not the first case of an airport being targeted by ransomware, nor will it be the last. Cyber criminals are striking harder and bolder at any network they find vulnerable.

Organizations must act now and implement a proactive approach to securing their networks. An IT solution like Syxsense will facilitate a comprehensive patching strategy to ensure all systems are up to date.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 17, 2018
Love0
|||

September Patch Tuesday: The Final Countdown

By News, Patch Management, Patch TuesdayNo Comments

Patch Tuesday: The Latest News

Microsoft has released 61 security patches and two advisories covering Internet Explorer (IE), Edge, ChakraCore, Azure, Hyper-V, Windows components, .NET Framework, SQL Server, and Microsoft Office.

In the fallout of the British Airways hack this week, which we have learned was caused by an attack from Magecart, the world waits for the suspected Windows Zero Day exploit to be confirmed as CVE-2018-8440.

If so, we would recommend this update be prioritized this month.

Critical Adobe Updates

Adobe’s Patch Tuesday updates for September address a total of 10 vulnerabilities in Flash Player and with six of those Critical in ColdFusion. Only one Critical security issue has been patched in Flash Player, which is a light reprieve from the usual bucket load.

Microsoft will begin charging for updates in 2020

Windows 7 is estimated to be used by 40% of all devices using a Microsoft operating system, so it is a huge surprise that following the extended support in January 2020, Microsoft will start charging customers to continue receiving their Operating System updates.

Robert Brown, Director of Services for Verismic said, “Our clients still using Windows 7 have 2 very important choices. They chose either to commit to migrating to Windows 10, or they invoke a vigorous patch management strategy to begin updating all Windows 7 devices to the latest updates. The deadline is only 13 months away.”

If you commit to migrating to Windows 10, you can utilize the Feature Updates functionality in Syxsense to make future proofing your environment a reality.

Windows 10 Feature Update Planning

Only one month to go. If you are using Windows 10, version 1703 then you only have one month left to upgrade before it falls out of the standard ‘End of Service’ on October 9, 2018.

Each Windows 10 version will be serviced with quality updates for up to 18 months from availability. It is important that all quality updates are installed to help keep your device secure.

Patch Tuesday Release

Vendor Name Vendor Severity Title
Microsoft Critical Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB4339093)
Microsoft Critical Cumulative Security Update for Internet Explorer 11 for Windows 7 (KB4339093)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for x86-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB4338814)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for x86-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1607 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1607 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1803 for ARM64-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1703 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for ARM64-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x86-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4338814)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1709 for ARM64-based Systems (KB4338825)
Microsoft Critical 2018-07 Security Update for Adobe Flash Player for Windows 10 Version 1709 for x64-based Systems (KB4338832)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for ARM64-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4338819)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4338826)
Microsoft Critical 2018-07 Cumulative Update for Windows 10 Version 1703 for x86-based Systems (KB4338826)
Microsoft Important Security Update for Skype for Business 2016 (KB4022221) 64-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340558)
Microsoft Important Security Update for Skype for Business 2015 (KB4022225) 32-Bit Edition
Microsoft Important Security Update for Microsoft SharePoint Foundation 2013 (KB4022243)
Microsoft Important Security Update for Microsoft Access 2016 (KB4018338) 64-Bit Edition
Microsoft Important Security Update for Microsoft Access 2016 (KB4018338) 32-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 (KB4340556)
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 (KB4340004)
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 and Server 2008 R2 for x64 (KB4340004)
Microsoft Important Security Update for Microsoft Office Viewers Microsoft Office Compatibility Pack (KB4011202)
Microsoft Important Security Update for Microsoft Access 2013 (KB4018351) 32-Bit Edition
Microsoft Important 2018-07 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 7 and Server 2008 R2 for x64 (KB4340556)
Microsoft Important Security Update for Microsoft Access 2013 (KB4018351) 64-Bit Edition
Microsoft Important 2018-07 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Server 2012 R2 for x64 (KB4340006)
Microsoft Important Security Update for Skype for Business 2016 (KB4022221) 32-Bit Edition
Microsoft Important Security Update for Word Viewer (KB4032214)
Microsoft Important Security Update for Skype for Business 2015 (KB4022225) 64-Bit Edition
Microsoft Important 2018-07 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4338818)
Microsoft Important 2018-07 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4338818)
Microsoft Important 2018-07 Security Only Quality Update for Windows 7 for x64-based Systems (KB4338823)
Microsoft Important 2018-07 Security Only Quality Update for Windows 7 for x86-based Systems (KB4338823)
Microsoft Low Security Update for Microsoft Word 2016 (KB4022218) 64-Bit Edition
Microsoft Low Security Update for Microsoft Word 2010 (KB4022202) 64-Bit Edition
Microsoft Low Security Update for Microsoft Office 2010 (KB4022200) 32-Bit Edition
Microsoft Low Security Update for Microsoft Word 2016 (KB4022218) 32-Bit Edition
Microsoft Low Security Update for Microsoft Office 2010 (KB4022200) 64-Bit Edition
Microsoft Low Security Update for Microsoft Word 2010 (KB4022202) 32-Bit Edition
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 11, 2018
Love0
||

eBook: Top 10 Security Tips for Every IT Manager

By Patch ManagementNo Comments

Enhance Your IT Security Strategy

With widespread digital crime and an increasing list of massive security threats, taking the necessary steps to prevent vulnerabilities in your IT environment is critical.

Standard security procedures typically only require a simple username and password, making it easier to gain access to private data, including personal and financial details.

Major breaches are often preventable with the right precautions and strategies in place, but even IT administrators make mistakes. From two-factor authentication to encrypting confidential data, there are many ways to block potential security holes.

This eBook breaks down the top 10 tips that IT professionals can implement in their environment. These strategies could prevent the spread of malware when a future ransomware attack occurs.

When the next crisis strikes, you’ll be prepared.

Start a Free Patch Management Trial

Syxsense protects your IT assets secure with a simple, predictive patch management solution. Automatically keep desktops, laptops and remote users up-to-date with security patches.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
September 4, 2018
Love0