We have recently seen a significant rise in systems that have become infected with CryptoWall. We urge you to exercise extra caution in your web browsing and similar caution as you review and process your email. What is CryptoWall? CryptoWall, the successor to the now defunct CryptoLocker, is categorized as a Trojan horse virus. It,… Read more »
Systems Engineering Blog
Posts Categorized: IT Security
SE Alert: “POODLE” SSLv3 Vulnerability – Update
One of the reasons that the Poodle vulnerability is not assigned the same level of risk as the earlier Heartbleed one is that it requires what is called a “Man in the Middle” attack. This means in order to exploit Poodle the attacker needs to be able to jump on your Internet connection, most likely… Read more »
SE Alert: “POODLE” SSLv3 Vulnerability
On Tuesday October 14, 2014 a vulnerability in the SSLv3 encryption protocol, commonly referred to as POODLE (Padding Oracle On Downgraded Legacy Encryption), was discovered, see NIST CVE-2014-3566. What this means is that there is the possibility of a cyber criminal getting access to data you are transmitting between your web browser and the website… Read more »
SE Speaking at 2014 ANCOR Technology Summit & Showcase
SE will be exhibiting and presenting at The American Network of Community Options and Resources (ANCOR) Technology Summit & Showcase in Denver, Colorado. Our presentation will cover the current threat landscape and why security technology should be apart of your HIPAA compliance strategy. CyberSecurity: What are The Risks and Why Should You Care? Friday, October… Read more »
SE Alert: Bash Bug / Shell Shock Update
Systems Engineering is continuing to manage and mitigate risks resulting from the Bash Bug / Shell Shock vulnerability, CVE-20140-6271. Discovered on September 24, 2014, Linux, Unix and Apple OS X systems have been affected. This does not impact Microsoft Windows systems. At SE, we have taken the following measures; Verified cloud application providers we use… Read more »
SE Alert: Bash Bug
On Wednesday, September 24th, reports came out of a newly discovered vulnerability being referred to as the “Bash Bug”. Bash is a common function found in Linux, Unix and Mac OSx computers. A recently discovered flaw in it could allow an attacker to execute remote control code. This does not affect Microsoft Windows servers, desktops… Read more »
Start planning now for Windows Server 2003 End of Support
Do you have servers and applications that have been around for 5 years or more? Do you know what version of Microsoft Server these are running on? Microsoft has announced end of support for Windows Server 2003 on July 14, 2015. This means this server Operating System (OS) will no longer get security patches nor… Read more »
SE Lunch & Learn Recap: Cloud First, Mobile First – a Microsoft Road Map
At SE’s last Lunch & Learn, we invited Steve Deming and Chris Large of Microsoft to come and speak about their new direction as a company, “Cloud First, Mobile First”. “Microsoft has changed as an organization over the past couple of years. We no longer call ourselves a software company. We are now a devices… Read more »
Virus Notice: Symantec releases definition file with a False Positive
Symantec sent out notification earlier today that it had released a virus definition file which contains a False Positive (FP). This FP could result in a false detection and alert for the “Trojan.Webkit!htm” virus. Symantec is currently preparing Rapid Release definitions which will remove this detection. While Symantec is working to fix this issue, SE clients… Read more »
Verizon Data Breach 2014 Report Findings
The seminal security report from Verizon, the 2014 Data Breach Investigation Report or DBIR, was recently released and provides valuable information on how to protect your network and data. In this article, we highlight the key findings that can help you make informed decisions about your own security stance. Each year the DBIR report provides… Read more »