Tag: Update

Categories
Casserly Consulting Blog

Cisco Bug Ranks as One of the Worst

cisco_bug_400.jpg

A new exploit is making the rounds in the security environment, and this time, it affects virtual private networks. According to Cisco, the flaw affects its Adaptive Security Appliance (ASA) tool, and it should be patched as quickly as possible. If you don’t do so, your organization could be subject to remote code exploitation as a result of this vulnerability.

Cisco has showcased that the VPN bug can essentially allow hackers to infiltrate their security devices using the ASA operating system. The vulnerability is found in the Secure Sockets Layer (SSL) and can, according to Cisco, “allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.” What does this mean in plain English? In theory, an attacker could take complete and total control over a system (a considerable threat for any organization, especially considering the ramifications from a physical security standpoint). This vulnerability is so dangerous that it has earned a 10-out-of-10 on the Common Vulnerability Score System, taking its place among the upper echelon of major vulnerabilities.

While the vulnerability is only allowed if WebVPN is enabled, it’s still a major threat that you don’t want to overlook. According to ZDNet , here are some of the devices that are affected by this vulnerability:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD).

At its time of discovery, the bug was not being exploited in the wild, but Cisco has been made aware of attempts to leverage of the vulnerability. Since the announcement, the vulnerability has been spotted in the wild, and the initial patch that Cisco implemented to combat this vulnerability proved to insufficient, as there were additional features and attack vectors that were not identified until later.

Cisco has released an updated patch for this vulnerability, so you need to implement it if you don’t want to take a needless risk, and endanger your network and data. It’s a good rule of thumb to never let known vulnerabilities linger too long, as you could be placing your business in harm’s way.

It’s incredibly important that your business be mindful of not just these vulnerabilities, but all vulnerabilities found in critical business software and hardware. This Cisco bug isn’t the first software vulnerability to be found, and it certainly won’t be the last. Hackers are always working to undermine the efforts of developers who are trying to keep their software as secure as possible. It’s up to you to ensure your organization isn’t exposing itself to threats by neglecting patches and security updates.

COMPANYNAME can help your organization ensure that patches and updates are applied as needed. We can do this remotely in most cases, without the need for an on-site visit. It’s a great way to get more value out of your business’ technology without sacrificing security. To learn more about how you can make technology work for you, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Tip of the Week: Give Your Desktop Some TLC

laptop_toolbox400.jpg

Maintaining a network of PCs can be a lot of work. We wouldn’t blame you for having trouble keeping your business’ computers up-to-date–especially if you don’t have a dedicated IT department on-site. It doesn’t have to feel impossible, though. With proactive technology maintenance and the following tips, you’ll be sure to stay productive throughout the workday.

Update Your Devices
Microsoft issues updates that are meant to improve the performance and security of its operating systems. It’s recommended that you implement these updates as soon as possible so that they can do what they were designed to do: help your computer’s performance. To check if your device has potential updates, just hit the Windows key and navigate through Settings > Update & Security > Windows Update > Check for Updates. If your device needs an update, this page will tell you. Once you’ve done this, all you need to do is restart your computer and complete the installation process.

Restart Your Device
One of the best ways you can improve the performance of your computer is to restart it completely. This gives your computer a moment to catch its breath. It’s just like trying to push your body too hard–sooner or later, you’ll crash and need to take a break. If you don’t, you run the risk of working your technology too hard, which could result in your technology breaking down prematurely. To restart your PC, click on the Start menu or press the Windows key. Next, select Power and click Restart.

Disable Startup Apps
Some programs will start as soon as you power up your computer. A couple examples might be Microsoft Office, antivirus, Spotify, or anything else that is set to do so. If your computer takes too long to start up, you can disable applications so that they don’t run automatically when you turn your computer on. To do this, open your task manager by using the Ctrl+Alt+Delete keyboard shortcut. Select More Details for the option Startup and Disable any programs that you don’t want to initiate on startup. Just be careful of the ones you actually disable, as some of them might be required to keep your computer running properly.

Have these three tips helped out your PC performance? To learn more, reach out to us at PHONENUMBER.