Small to medium-sized businesses today are able to compete with global brands thanks to the World Wide Web. Unfortunately, cyber criminals are targeting these small to medium-sized enterprises, which is why it is essential to have managed IT support services for your Sydney business.
Here are just some of the latest technological updates that a managed IT support team in Sydney has to keep an eye on this week.
SonicWall From Dell Has Backdoor Vulnerability
Managed IT support teams in Sydney and around the world will be very busy monitoring SonicWall’s GMS (Global Management System) consoles because of a hidden account with a default password that is very easy to access.
Digital Defense, a security vendor, says that the hidden user account can easily be accessed via a command-line interface client that people can download from the GMS application console. Managed IT support groups in Sydney should be vigilant because it is easy to edit the command line to add non-administrative user access. Cyber attackers will then be able to log on to the interface over the web and alter the admin user password. Once they have logged in using the administrator account, cyber attackers have total control of the targeted SonicWall device and the GMS controls.
Managed IT support teams in Sydney are well aware of the critical vulnerability. Digital Defense gave the issue in version 8.1 of the firewall management console a critical rating. Dell responded quickly by removing the backdoor account, and also fixed five other issues that Digital Defense discovered. Two of the other vulnerabilities that were patched by Dell also had a critical rating. Digital Defense's researchers discovered that attackers could alter the set_dns and set_time_config commands with superuser (root) privileges. A cyber attacker who succeeded in doing so could access database credentials and alter the admin user password of the GMS, which would also lead to total control of the breached system.
Microsoft Issues This Month
Managed IT support groups in Sydney definitely had their hands full with Microsoft patches and updates this month. The batch of July patches included a fix for a bug that can be exploited to bypass a Windows system’s Secure Boot protection function.
Managed IT support teams in Sydney know that newer Microsoft computers need to go through the mandated Secure Boot process in the UEFI (Unified Extensible Firmware Interface) code, which verifies the boot loader before the Windows operating system starts up to make sure that the device is digitally signed by the manufacturer. But Secure Boot can be completely bypassed using Windows group policy, which cyber attackers can use to gain total access to Windows systems that are thought to be locked down. An attacker who is able to exploit the vulnerability can undermine the code integrity checks and allow test-signed drivers and executables to run on the targeted Microsoft device. The cyber attacker could also work around the Secure Boot integrity validation for BitLocker and other security features such as device encryption, allowing the attacker to do plenty of damage to the system.
The fix for CVE-2016-3287 blacklists the policies that attackers may use to undermine Secure Boot. The only other way for cyber attackers to take control of newer versions of Windows client and server, even with a managed IT support team in Sydney in place, is by having physical access to the system or gaining admin privileges. A qualified and dependable managed IT support group in Sydney that takes a proactive approach to monitoring and keeping business systems and servers secure will surely be able to prevent this from happening.
Bobby Kuzma, a systems engineer from Core Security, mentions that the flaw could potentially make the boot system protection useless, which can open the system up to spying by unscrupulous individuals, or even the government. Ironically, Secure Boot is not all that secure. A cyber attacker who can disable the integrity checks can easily disable the BitLocker encryption.
Managed IT support groups in Sydney should have downloaded and installed the patches for the recently fixed vulnerabilities. One of the patches, MS16-084, addressed remote code execution in the browser (Internet Explorer), which was susceptible to exploitation via malicious websites.