Blog    Customer Login
 Phone: 859-491-5900  



IT Solutions

MICROSOFT WINDOWS & CITRIX SECURITY NOTICES – ACTION RECOMMENDED

Microsoft Windows Vulnerability Notice & Citrix Vulnerability Notice

Notice: Today, Microsoft is releasing a security patch – it is critically important to execute this patch! The security of your organization’s network may depend on it.
According to KrebsonSecurity and multiple trustworthy industry sources, a vulnerability resides in a Windows component that handles “certificate and cryptographic messaging functions in the CryptoAPI.” The Microsoft CryptoAPI enables developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.

Notice: Citrix and its commercial virtual-private-network gateways (NetScaler) are susceptible to attack. This susceptibility gives attacker direct access the local network behind the gateways from the internet without the need for an account or authentication. Since there is not an available patch, there is a temporary solution that reduces the risk of the exploit. In addition to the temporary measure, GBS recommends several additional preventative measures.

CONTACT GBS IT Experts to discuss patching and additional preventative solutions.
Call 859.491.5900

ACTION RECOMMENDED – UPGRADE OUTDATED WINDOW 7 SERVERS & COMPUTERS

The following legacy OS versions (Windows 7 / XP / XP Pro / XP Embedded and Windows Server 2008 / 2003) are susceptible to CVE-2019-0708, a critical Remote Code Execution vulnerability. 

Given the potential impact to customers and their businesses, Microsoft has made the security updates available for platforms that are no longer offered mainstream support.

View MS Patch

Despite the patches being made available by Microsoft, GBS recommends moving away from any operating system that is not fully supported by the manufacturer. If your organization is running any of these legacy operating systems – contact us to discuss an upgrade plan.

CONTACT GBS

Detecting & Preventing Malware – Threat Correlation

WATCH THREAT CORRELATION VIDEO

One of the key components of detecting and preventing a cyber attack is the ability to correlate network and endpoint security events. The ability to see and correlate security-related events gives administrators the visibility they need to stop unknown and evasive threats before the damage is done. Additionally, the ability to correlate events prevents successful attacks from spreading to other computers and other departments.

Correlation allows administrators to:
1. Correlate network and endpoint insight for enterprise-grade threat visibility.
2. Improves security against unknown and new, advanced malware attacks without a known signature.
3. Determine which endpoints are infected.
4. Decreases time to detection and remediation via policy-based automation.
5. Identify threat origin
6. Scores threat indicators and incidences based on severity – helping guide response.