Microsoft Windows Vulnerability Notice & Citrix Vulnerability Notice
Notice: Today, Microsoft is releasing a security patch – it is critically important to apply this patch! The security of your organization’s network may depend on it. According to KrebsOnSecurity and multiple trustworthy industry sources, a vulnerability resides in a Windows component that handles “certificate and cryptographic messaging functions in the CryptoAPI.” The Microsoft CryptoAPI enables developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.
Notice: Citrix and its commercial virtual-private-network gateways (NetScaler) are susceptible to attack. This susceptibility gives an attacker direct access to the local network behind the gateways from the internet without the need for an account or authentication. Since no patch is available, there is a temporary solution that reduces the risk of the exploit. In addition to the temporary measure, GBS recommends several additional preventative measures.
CONTACT GBS IT Experts to discuss patching and additional preventative solutions.
Join GBS at comSpark – if you haven’t already – register today! comSpark is this region’s premier conference on all-things IT, all-things technology. Stay tuned for more information on when you can see GBS presentations on CyberSecurity, The C-Suite Summit and a Break-out Session on the role Video Analytics plays in Data Security.
Stay tuned for more details!
Despite the patches being made available by Microsoft, GBS recommends moving away from any operating system that is not fully supported by the manufacturer. If your organization is running any of these legacy operating systems – contact us to discuss an upgrade plan.
One of the key components of detecting and preventing a cyber attack is the ability to correlate network and endpoint security events. The ability to see and correlate security-related events gives administrators the visibility they need to stop unknown and evasive threats before the damage is done. Additionally, the ability to correlate events prevents successful attacks from spreading to other computers and other departments.
Correlation allows administrators to:
1. Correlate network and endpoint insight for enterprise-grade threat visibility.
2. Improve security against unknown and new, advanced malware attacks without a known signature.
3. Determine which endpoints are infected.
4. Decrease time to detection and remediation via policy-based automation.
5. Identify threat origin.
6. Score threat indicators and incidents based on severity – helping guide response.