Cyber Advisors Apache Log4j Recommendations and Services Package

Posted by Kate Drankoff on Dec 27, 2021 9:33:17 AM

Cyber Advisors Inc. has created a list of recommendations and a services package in response to Log4Shell vulnerability, that affects a significant number of systems and applications:

Read More

Topics: security, MSP, Log4j

December Microsoft Zero-Day and Patch Tuesday

Posted by Kate Drankoff on Dec 23, 2021 10:05:36 AM

Let's Chat About Microsoft Zero-Day and Patch Tuesday

With Microsoft zero-day under attack and a series of patches released to remediate, here's what you need to know…

Read More

Topics: security, Microsoft, MSP, Patch Tuesday

Apache Log4j

Posted by Kate Drankoff on Dec 23, 2021 9:30:41 AM

Two Common Vulnerability and Exposures (CVEs) were released for Apache Log4j on December 10th, 2021, and have dominated headlines in the Information Technology and Security industries. Log4j, a Java-based 'logging utility' within the Apache Logging Services, is embedded throughout widespread technologies and products depended on every day by businesses and consumers alike. The initial discovery stemmed from the popular video game, Minecraft. These particular CVEs are not only trivial to exploit, but are actively being exploited in the wild via a race condition and allow remote attackers to gain control of compromised systems.

 

Cyber Advisors Inc. has created a list of recommendations and a services package in response to Log4Shell vulnerability, that affects a significant number of systems and applications. More information can be found here.

Read More

Topics: security, MSP, Log4j

Windows 11 New Changes and Features

Posted by Kate Drankoff on Dec 21, 2021 2:07:12 PM

Windows 11 is here! With plenty of innovation and new features, Windows 11 boasts an all-new simplified, yet modernized interface that was designed to inspire productivity and creativity. Not sure where to start? Check out the highlighted features below and tips for upgrading.

Read More

Topics: security, Microsoft, Managed IT, MSP

International Fraud Awareness Week

Posted by Kate Drankoff on Nov 17, 2021 9:16:36 AM

International Fraud Awareness Week is observed globally and aims to raise awareness of fraud through fraud prevention campaigns and education.

Read More

Topics: security, cybersecurity

What’s with Operational Technology?

Posted by Dan Sanderson on Oct 19, 2021 9:06:10 AM

Operational Technology (OT) has become a very common talking point around the Cyber Advisors office. For starters, let’s define OT.

OT is industrial level control systems that are typically outside of the IT realm. Some examples of OT are Energy Grids, video recording systems, security badges/fobs, elevators, fire sprinkler systems, and gas pipelines. Many of these systems are IoT based. Some are much more industrial based such as PLC controls for turning a switch on and off.

Read More

Topics: security, Fortinet, cybersecurity, Operational Technology, OT

Automated Protection for Vulnerable Exchange Servers

Posted by Kate Drankoff on Sep 29, 2021 12:06:42 PM

The new Exchange Server component, aptly named Microsoft Exchange Emergency Mitigation (EM) service, builds on Microsoft's Exchange On-premises Mitigation Tool (EOMT) released in March to help customers minimize the attack surface exposed by the ProxyLogon bugs.

Read More

Topics: security

vCenter Server File Upload Vulnerability

Posted by Kate Drankoff on Sep 29, 2021 9:00:28 AM

A vulnerability has been identified in the VMware vCenter Server product that could allow a threat actor to execute malicious code. The vulnerability exists in the Analytics service and can be attacked by an unauthenticated user via port 443. There are both patches and temporary workarounds available by VMware. This vulnerability can be exploited regardless of current configuration settings.

This vulnerability exists in:

  • VMware vCenter 6.7x/7.0x
  • VMware Cloud Foundation 3.x/4.x, which bundles vCenter
Read More

Topics: security

Why Do We Need to Do So Many Chrome Updates!?!

Posted by Kate Drankoff on Sep 16, 2021 10:38:00 AM

On Monday, September 13th Google released security updates for the Chrome web browser to address a total of 11 security issues, two of which are zero-days actively being exploited in the wild. Chrome users are advised to update to the latest version (93.0.4577.82 or later) for Windows, Mac, and Linux by heading to Settings > Help > 'About Google Chrome' to mitigate the risk associated with the flaws. 

Read More

Topics: security, cybersecurity, Google Chrome

Getting Started on the Road to Security

Posted by Kate Drankoff on Jul 27, 2021 8:49:58 AM

Security threats are constant and it's hard to know where to start when it comes to protecting your organization. Taking the first step in the journey of security can be very overwhelming, but our team of security experts are here to help. No matter the size of the organization, we recommend starting with a Threat Assessment followed by a Business Impact Analysis.

Threat Assessment: The first step is engaging our team of security experts to perform a self-assessment survey to understand where your organization currently stands. Our team works with you to conduct a solid inventory of your business and understand key assets to operations. This process evaluates and verifies perceived threats and assesses their likelihood. After the initial assessment, our team reviews the severity of the threats and creates a plan to address the underlying vulnerabilities. Our team works with your organization to prioritize based on impact, cost and likelihood.

Business Impact Analysis: If you had all the money in the world, you could have a lot of security tools in your pocket and the resources to manage them - Unfortunately, in the real world, you have a limited budget and need to prioritize. This is where having a solid Business Impact Analysis (BIA) comes into play.

Read More

Topics: security, Threat Assessment, Business Impact Analysis

About this blog

Welcome to the Cyber Advisors Blog.  Please take a moment to read through our content.  If you would like more information on any of these topics, simply reach out to us via contact information below.  If you find our content valuable, please subscribe.  

 

 
 
Would you like to hear from us? Click Below!
Learn More

Subscribe Here!

Recent Posts

Posts by Tag

See all