All Posts By

hsmith


Identifying Endpoints with SolarWinds® Orion® Software

By Blog


There has been a significant hack linked to security vulnerabilities in SolarWinds® Orion® software

Syxsense Allows Users to Scan for SolarWinds® Orion® Vulnerability

By now, everyone should be aware of the significant hack linked to security vulnerabilities in SolarWinds® Orion® software – https://www.solarwinds.com/securityadvisory.

The team at Syxsense has received requests asking if Syxsense Manage and Secure can help identify endpoints that might have SolarWinds software installed.

The Syxsense inventory scanner can quickly identify devices with SolarWinds software. Simply run an inventory query for SolarWinds, or an Inventory Software Report, to see a list of all endpoints with SolarWinds software installed. Syxsense’s software distribution features can also be used to initiate uninstalls of SolarWinds.

The Syxsense Secure platform uses Syxsense Realtime functions to dynamically scan all endpoints for SolarWinds software. This includes scanning hard drives in real time for the compromised “SolarWinds.Orion.Core.BusinessLayer.dll” by name or file hash, and quarantining devices to stop lateral movement and thereby protect the network. For added security, Syxsense blocks the execution of SolarWinds software until a security evaluation of potentially exposed endpoints can be completed.

 

For technical details on how the SolarWinds compromise and the SUNBURST backdoor work, we recommend reading the report from the IT security company FireEye – https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html

Experience the Power of Syxsense

Start a trial of Syxsense, which helps organizations from 100 to 100,000 endpoints secure and manage their environment, all from just a web browser.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Microsoft Zero Day Patch

By Patch Management

Microsoft have released an update for Windows 10

Microsoft Zero Day – KB4551762

 

Microsoft have released an update for Windows 10 to protect your environment from an imminent threat.  A full description of this update can be found here: https://support.microsoft.com/en-us/help/4551762/windows-10-update-kb4551762

 

The vulnerability is marked as Critical and carries a CVSS score of 10.0 which is the highest score available.

 

We have completed our internal testing. Based on this evidence, plus information we have seen in the community relating to potential issues with 32-bit application compatibility, we are recommending a careful deployment of this patch. We would recommend waiting at least 24 hours before a site-wide deployment.

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.


Verismic Software Launches Rebrand to Syxsense and New Product Offerings, Reinforcing its Mission to Strengthen Endpoint Security

By News, Press Release

Verismic Software Launches Rebrand to Syxsense, Reinforcing its Mission to Strengthen Endpoint Security

The New Name, Syxsense, Expresses Company’s Focus on Protecting the Endpoint with Powerful AI-enabled Solutions That “Know All”

ALISO VIEJO, Calif. (November 4, 2019) – Verismic Software, a global leader in IT- and security-management solutions, announced today a comprehensive rebranding and repositioning of its products and messaging. This major initiative makes Syxsense the world’s first IT and security-solution provider to offer patch management, vulnerability scans, and Endpoint Detection and Response (EDR) capabilities in a single console.

Syxsense has created innovative and intuitive technology that sees, and knows, everything, making it able to secure every endpoint, in every location, everywhere inside and outside the network, as well as in the cloud. Artificial intelligence (AI) helps security teams predict and root out threats before they happen, and to swiftly make them disappear when they do.

“Syxsense combines the power of artificial intelligence with industry expertise to manage and secure endpoints by stopping threats before they occur and neutralizing threats when they happen,” commented Ashley Leonard, CEO of Syxsense.

“By owning an IT management tool, IT professionals can patch to reduce the risk of a problem,” Leonard continued. “By owning an EDR tool, you can monitor a breach and quarantine a device. By combining both, Syxsense allows IT and security teams to eliminate many breaches by patching, track and quarantine potential breaches, and then remediate the environment after a security event—all in real-time.”

At the heart of the rollout is Syxsense Manage, a cloud-native offering that does the heavy lifting by collecting and collating a library of patches and updates. This allows IT professionals to deploy updates with AI-driven natural language and voice control. When the need arises, users have access to dashboards, query builders, and remote-control functions that provide insight into device health, inventory, and timelines allowing IT managers to troubleshoot and diagnose issues.

Syxsense Manage, therefore, becomes the IT managers’ “endpoint everything,” allowing them to see and manage all endpoints both inside and outside the network as well as in the cloud, with coverage for all major operating systems and endpoints, including IoT devices, physical and virtual devices, and all major cloud vendors. More importantly, they can complete day-to-day tasks and updates with ease and efficiency.

The companion offering, Syxsense Secure, brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams responsible for protecting businesses from cyber-attacks. It is the only cloud-native product on the market that truly combines endpoint management and endpoint security into a single unified offering. What’s more, it is tailored to the exact needs of companies that have limited resources and consolidated IT management and security functions in the same department.

Syxsense Secure includes proactive, always-on monitoring for malicious processes, automated device quarantine, real-time alerting, and live data that delivers insights in real-time to provide even greater visibility into the health of all the endpoints across your network. It is built on endpoint management technology that creates a baseline defense against known threats by ensuring devices are current with the latest software updates and security patches. This provides total visibility into the enterprise and eliminates blind spots so security managers can immediately detect anomalies that indicate an imminent or active threat.

By analyzing endpoint activity, Syxsense Secure predicts threats before they become breaches. Built on real-time, always-on endpoint monitoring, when breaches do happen, Syxsense knows how the attack entered the environment, how it spread, which data, files, and devices were impacted, and whether the threat has been neutralized in its entirety to prevent future vulnerabilities.

“Organizations are now able to combine and strengthen cybersecurity and IT management across their enterprise, enabling IT-SecOps convergence and digital transformation, improving enterprise performance while reducing the cost of cybersecurity,” concluded Leonard. “The Syxsense Endpoint Security Cloud, the overarching platform for Secure and Manage, provides multiple industry-proven capabilities in a single dashboard to simplify cybersecurity management and better protect people, businesses and assets from evolving cyber threats.”

About Syxsense

Syxsense is the leading provider of innovative, intuitive technology that sees all and knows everything about every endpoint, in every location, everywhere inside and outside the network, as well as in the cloud. It combines the power of artificial intelligence with industry expertise to manage and secure endpoints by stopping threats before they occur and neutralizing threats when they happen. The Syxsense Endpoint Security Cloud always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm. https://www.syxsense.com

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.


Emergency Fix for IE Zero Day

By News, Patch Management

Microsoft Releases Patch to Address Active Exploit

After learning about it from Google, Microsoft has moved to fix CVE-2018-8653. This flaw in Internet Explorer is being actively exploited in the wild.

According to the Microsoft release, this remote code execution issue “could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.”

The vulnerability affects Internet Explorer 11 on Windows 7 to 10 and Windows Server 2012, 2016, and 2019. For Explorer 10, it affects Windows Server 2012. For Explorer 9, it affects Windows Server 2008.

As it is being actively exploited, it’s critical to check that all systems have updated Internet Explorer.

Using Syxsense to Address This Issue

Syxsense is designed to facilitate and simplify any patching strategy. While you can run a comprehensive scan of all devices on a network, you can also run a targeted scan for a specific piece of software. The console can easily display which devices are running which version of an application that might be at risk.

From there, it’s simple to set up a task that targets every device that requires the needed update.

With visual gadgets in both the device and task views, an IT manager can track the completion status of the deployment.

With everything being integrated, a report can be generated from the task information. Software can also be completely rolled back, if needed.


Syxsense Beats Industry Average with Outstanding Customer Support Satisfaction Results

By News, Press Release


ALISO VIEJO, Calif. (October 10, 2019) – Verismic, a global leader in cloud-based IT management and security technology, has released its latest customer support satisfaction survey results, beating industry averages by achieving a 98.6 percent customer satisfaction rating.

The support team that services Verismic’s products, Syxsense and Syxsense Secure, continues to outpace competitors in the rapidly evolving IT security and management market while demonstrating its commitment to excellence in providing world-class customer support.

“With the stakes so high, organizations can no longer afford to have their IT Security and Management tool take a reactive approach to addressing potential threats, especially given today’s never-ending siege of costly data breaches, malware, ransomware and other disasters,” commented Ashley Leonard, CEO of Verismic Software. “Verismic’s support organization gives us a competitive differentiator and assurance to customers that their most important strategic asset – their data – will have the highest level of protection.”

Syxsense regularly surveys its customers to determine their satisfaction with customer support and services and compares those results to published industry benchmarks. The results provide a “customer voice” to influence and improve Syxsense’s IT support and services priorities and initiatives. The survey spans a range of help desk topics, including time to respond versus time to close, interactions done in real-time, and more.

About Verismic Software, Inc.

Verismic Software Inc. is a global industry leader providing cloud-based IT management and security technology focused on enabling greater efficiency, cost-savings and security control for users, all while engaging in endpoint management. Headquartered in Aliso Viejo, Calif., Verismic is a growing and dynamic organization with offices in four countries and 12 partners in nine countries. Verismic works with companies ranging from 50 to 10,000 endpoints delivering a variety of solutions. Verismic’s software portfolio includes the first-of-its-kind agentless Syxsense. For more information, visit www.syxsense.com.


Syxsense Secure Adds Cyber Threat Alerting and Quarantine

By Blog, News, Press Release


New features in Syxsense Secure allow IT departments to detect active threats within seconds and neutralize them.

ALISO VIEJO, Calif. (September 10, 2019) – Verismic, a global leader in cloud-based IT management and security technology, has released a new Syxsense Secure version featuring real-time threat alerting and device quarantine to detect, isolate, and prevent cyber security breaches. These new features, plus the industry-leading patch management already available in Syxsense Secure, provide IT departments with both endpoint security and management in a single console.

The inability to see attacks and prioritize patching is the No. 1 issue in IT security according to Gartner. Syxsense Secure aims to solve this problem, which would stop more than 80 percent of all breaches from occurring. Syxsense Secure consists of a single, lightweight agent, which provides continuous management and monitoring of endpoint activity and protects by automating the response to cyber security breaches. The instant the suspicious activity of a malicious process is detected, the process is stopped, and the device is proactively quarantined to prevent further infection.

Syxsense Secure allows IT and Security professionals to:

  • See and Stop Attacks: See precisely which machines are being actively exploited enterprise-wide and filter by specific vulnerability and available patches.
  • Secure Every Device: Stop an attack immediately and prevent future attacks of a similar nature across the organization.
  • Fix the Biggest Problems: Understand which patches will have the biggest impact across the organization and then quickly patch, within seconds, the most actively exploited machines – whether online or quarantined.

“Syxsense Secure gives IT and Security teams a real-time picture and response time to any unpatched or vulnerable endpoints on their network, as well as the ability to isolate and remediate endpoints,” says Diane Rogers, Chief Product Officer at Verismic.

More information on the new release of Syxsense Secure can be found here: https://www.syxsense.com/quarantine

 

About Verismic Software, Inc.

Verismic Software Inc. is a global industry leader providing cloud-based IT management and security technology focused on enabling greater efficiency, cost-savings and security control for users, all while engaging in endpoint management. Headquartered in Aliso Viejo, Calif., Verismic is a growing and dynamic organization with offices in four countries and 12 partners in nine countries. Verismic works with companies ranging from 50 to 10,000 endpoints delivering a variety of solutions. Verismic’s software portfolio includes Syxsense and Cloud Security Suite. For more information, visit www.syxsense.com.

Start a Free Trial

Try Syxsense Secure today and get real-time threat alerting and device quarantine to detect, isolate, and prevent cyber security breaches.


Bad Dog! Ubuntu Mutt Exploitable Vulnerability

By News

According to a recently released Ubuntu security notice, there are several vulnerabilities within Mutt on Ubuntu. The following CVEs detail how an attacker could execute arbitrary code through Mutt incorrectly handling certain requests. In addition, certain inputs could provide access to, or even expose, sensitive information.

(CVE-2018-14350, CVE-2018-14352, CVE-2018-14354, CVE-2018-14359, CVE-2018-14358, CVE-2018-14353, and CVE-2018-14357.)

Below are the affected versions:

 

Updates have been released to address these vulnerabilities. Syxsense has them within their patch database. Within the console, select these updates and simply target any device running the affected versions. You’ll also need to restart Mutt once the updates have been deployed.

There’s a better way to manage your devices, whether they run Windows, Mac, or Linux. Start a trial of Syxsense!


‘Roll Back’ To The Future

By News

Beware: Windows 10 Feature Updates are Double Work!

Windows 10 Feature Updates (Windows 10 Servicing) will dominate the agenda of many IT Managers as Microsoft uses their new release method to introduce new operating system experiences and security enhancements for their flagship operating system. These are scheduled for release every 6 months until the end of extended support in October 2025.

Before you start your journey, you need to be aware that each feature update will have its own support for 18 months, forcing IT Managers to keep releasing these updates at least every 12 months.  If you are still using Windows 10 version 1607, support has already ended.

 

Verismic recommends that IT managers plan out their Windows 10 Feature Updates as soon as they are publicly available. But beware: upon installation of a Windows 10 Feature Update, any patch or update which has been deployed since the date of that feature update will have to be re-deployed to bring that system back up to date.

Robert Brown, Director of Services for Verismic says, “IT managers spend a lot of time planning and deploying their Windows updates each month. They need to understand that after installing any Windows 10 Feature Update, they will be effectively rolled back in time to the date of that release. Example Fig.1 below, next month if you apply 1803, you will have to re-deploy all updates since March – that could be over 40 updates per device. Use Syxsense to make re-deployment far easier and more efficient.”

Microsoft is giving IT Managers double the work, but Syxsense simplifies patching. Our Patch Manager quickly identifies any device in need of updates. Then a maintenance window can be created to deploy the updates after business hours, avoiding any loss in productivity.

Start a trial of Syxsense today.


FBI Warning: Reset Your Routers

By News

FBI, DHS, and UK Authorities issue warning over VPNFilter

The FBI, DHS and UK authorities have issued a warning for the VPNFilter malware threat. According to Alert TA18-145A, there are concerns that actors will use VPNFilter to target routers and “collect intelligence, exploit local area network (LAN) devices, and block actor-configurable network traffic.”

Cisco researchers have indicated the following devices are known to be vulnerable:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • MikroTik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

The warning instructs that you install any new firmware for your routers and, after updating, reset your router. Even if you don’t have one of the listed devices, it’s recommended you update and reset your router as well.

Also, as a good practice and to protect yourself from repeat infection, ensure your router administration credentials are not set to the factory default.

According to Cisco’s Talos, the VPNFilter malware is known to have already infected at least 500,000 network devices across 54 countries.

This clearly illustrates an important IT lesson: relying solely on your firewall for protection isn’t enough. Malware is becoming more sophisticated and actors are looking for any way into your environment.

What to do:

IT departments need to keep their firmware up to date, but also keep patching regularly. Use a patching solution like Syxsense to ensure you’ll never have a lapse in important updates. CMS detects which devices need updates and the severity of those updates. Then you can schedule a time-frame in which to automatically deploy needed updates. This ensures every device is secured without interrupting business hours.

Check out a better way to manage your environment. Start a trial with Syxsense


Internet of Threats: Third-Party Patch Update

By News

Managing the Risks of IoT

Our definition of a necessary third-party patch is about to get much broader. With more IoT devices connecting to your network, it becomes mandatory to know what’s out there.

Back in May 2017, an 11-year-old boy took the stage and showed that cybersecurity is about to get much more difficult. Using a Raspberry Pi, Python, and a Wi-Fi enabled teddy bear, this ‘cyber ninja’ scanned a cybersecurity conference and hacked devices from the audience.

Reuben Paul, the boy in question, tweeted after: “It was fun but I hope people did not miss the message – Secure IoT before the Internet of Toys becomes the Internet of Threats.”

This lesson must not be missed. We must find a way to secure the Internet of Things. Attacks are already being executed taking advantage of the IoT. When an 11-year-old can illustrate the dangers using a teddy bear, it’s time to take a hard look at what any of us are doing to protect our businesses.

We’ve already begun to see the IoT change the way we live and work. As this trend accelerates, solutions need to emerge to protect our privacy.

Syxsense is ready and at the forefront of that battle. Our product is the first of its kind, able to detect and manage devices in the IoT.

Come see the future of IT management and start a trial of Syxsense.

Third-Party Patch Updates

Below is a table of third-party Updates from January 2018:

| Vendor | Category | Patch Version and Release Notes | CVSS Score |
| Adobe | Media Software | Flash, AIR, and ActiveX: 28.0.0.137 – https://helpx.adobe.com/flash-player/release-note/fp_28_air_28_release_notes.html | N/A |
| Apple | Media Software | iTunes: 12.7.3 – https://support.apple.com/kb/dl1814?locale=en_US; Safari: 11.0.3 – https://support.apple.com/en-us/HT208475; macOS High Sierra: 10.13.3 – https://support.apple.com/en-us/HT208465 | CRITICAL |
| Don Ho | | Notepad: 7.5.4 – https://notepad-plus-plus.org/news/notepad-7.5.4-released.html | N/A |
| Evernote Corporation | | Evernote: 6.8.7.6387 – https://evernote.com/download | N/A |
| FileZilla | FTP Solution | 3.30 – https://filezilla-project.org/versions.php | N/A |
| Google | Browser | Chrome: 64.0.3282.119 – https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html | N/A |
| Mozilla | Browser and Email Client | Firefox: 58.0.1 – https://www.mozilla.org/en-US/firefox/58.0.1/releasenotes/; Thunderbird: 52.6.0 – https://www.mozilla.org/en-US/thunderbird/52.6.0/releasenotes/ | N/A |
| Oracle | | JavaJDK: 8u162 – http://www.oracle.com/technetwork/java/javase/8u162-relnotes-4021436.html; JavaJDK: 9.0.4 – http://www.oracle.com/technetwork/java/javase/9-0-4-relnotes-4021191.html | N/A |
| Wireshark | Network Protocol Analyzer | 2.4.4 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.4.html | N/A |