Newsletters

3/14/2018 Newsletters

Security Update: Was TeamViewer Hacked? Digital Edge Believes it was a Backdoor Dropped by Trojan.MulDrop6.39120

Digital Edge’s Security Team is monitoring the situation with TeamViewer hacking allegations. The news broke last week – some TeamViewer users complained that intruders gained access to their computers through TeamViewer program. 
TeamViewer denied any hacking allegations but shortly following, its service was knocked off by a DDoS attack aiming DNS services, leaving more questions to TeamViewer’s Security Team. 

1. Even though the situation is still not clear, the Digital Edge Security Team sides with security expects blaming a BackDoor Trojan discovered in May of 2016. The signature for the Trojan was added on 05/26/2016. The version of Trojan -  BackDoor.TeamViewer.49 utilizes TeamViewer as its backdoor implementation and is delivered by Trojan.MulDrop6.39120 through Adobe vulnerability. Even though the Trojan is supposed to hide the TeamViewer interface and use its functions in the background, we believe that mutation of the virus (the virus uses advanced hiding techniques) can create an unpredicted effect on the systems with legitimately installed TeamViewer causing effect described by users that reported the compromise. 

Please click here for more details

As a result, we do believe that it is safe to use TeamViewer, unless your system does not have updated antivirus and does not have all latest patches installed. By saying that, the Digital Edge team urges to cautiously use this product, as there is no confirmation from TeamViewer’s Security Team or reputable security companies that our analysis is correct

2. Digital Edge security team has contacted all clients using TeamViewer and discussed preventive measures. 

3. If you are using TeamViewer please click here to see our advice how to verify that your TeamViewer was not hacked. 

If you feel that you need assistance from the Digital Edge Security team please contact Danielle Saladis at dsaladis@DIGITALEDGE.NET

Digital Edge is committed to providing the highest levels of security within all the IT infrastructure environments under its care. In order to achieve this utmost goal for all of our clients, we continuously maintain vigilance both on the productive side of IT as well as on its destructive side. We thus send out news and security bulletins such as this one from time to time to ensure that our clients are informed and educated on any important developments in IT security and are fully aware of what we are doing to ensure that we and our clients are always at the Cutting and at the Digital Edge of technology.

10/13/2016 Newsletters

Log Management Retention Requirements

Automated Event Log Management Solutions are used to facilitate the most difficult job in any compliance process. Regular review and correlation of event data through merging and archiving of events from multiple systems and separation of the most critical 1% of activities from useless 99% of noise. From the compliance perspective, event log management is: Collection (Consolidation), Archiving (Retention), Audit Reporting, and Monitoring (Alerting).

On September 20th, 2016, Digital Edge released an article on Log Management Laws and Regulations. Click here to view a little “Cheat Sheet" on the Event Log Retention Requirements that are mandated by major compliance regulations.

8/19/2016 Newsletters

Digital Edge's ISO 9001:2008 Certification Surveillance Audit: Success!

On Tuesday, August 16, Digital Edge passed the International Organization for Standardization’s (ISO) Quality Management Surveillance Audit using the 9001:2008 framework. ISO is an independent, non-governmental international organization with a membership of 163 national standard bodies. ISO is credited for publishing more than 2100 international standards, covering almost every industry, from technology, to food safety, to aviation and healthcare.
 

8/10/2016 Newsletters

Security Update Cyber Incident Reporting

Digital Edge’s Security Team assists clients with cyber security forensics and often hears the question – “what is the proper way to report to law enforcements?” As a company, we aim to aid our clients in informing them on the right steps to take when dealing with a cyber-incident. There is a growing number of cyber networks that were seriously attacked and this is not a matter to be taken lightly. This is why Digital Edge feels it is important to know the right procedure. These incidents can result in serious consequences with the capability of causing lasting harm. By reporting these incidents, the government can assist them with agencies that can investigate the incident, lessen the consequences, and help avoid these cyber incidents in the future.

Please click here for more information.

If you feel that you need assistance from the Digital Edge Security team, please contact us at support@DIGITALEDGE.NET or open a ticket through Digital Edge web site at https://www.digitaledge.net.

4/26/2016 Newsletters

Security Updates For April

For the past few months, the security community did not surprise its audience with anything interesting, but this week there have been a few updates worth to share:

  1. The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet. There are more denial types of vulnerabilities found in Juniper software. 
  2. Multiple gnu_glibc libraries vulnerabilities potentially exposing threat to cause denial of service were discovered. 
  3. The most interesting is Xen overflow vulnerability. This vulnerability allows guest to corrupt physical host. Those type of vulnerabilities are troubling security professionals, showing that information technology should not blindly trust virtualization encapsulation.  

All Digital Edge managed or co-managed clients will be patched according to individual schedules. 
If you feel that you need assistance from the Digital Edge Security team please contact Danielle Saladis at dsaladis@DIGITALEDGE.NET
Please click here for more information. 

Digital Edge is committed to providing the highest levels of security within all the IT infrastructure environments under its care. In order to achieve this utmost goal for all of our clients, we continuously maintain vigilance both on the productive side of IT as well as on its destructive side. We thus send out news and security bulletins such as this one from time to time to ensure that our clients are informed and educated on any important developments in IT security and are fully aware of what we are doing to ensure that we and our clients are always at the Cutting and at the Digital Edge of technology.

3/8/2016 Newsletters

Inclement Weather: DALLAS Severe Thunderstorm Watch

Dear Valued Client, 

The National Weather Service has issued a Severe Thunderstorm Watch for this afternoon and later tonight in the DFW area, with Hazard conditions up to 70 MPH wind Gusts and Penny size hail. 

This message is to assure you of our continued 24/7 support during this SEVERE THUDERSTORM WATCH that is in affect for the Dallas, Texas area today, Tuesday, March 8, 2016. 

Our technicians are onsite and available to give you reliability that is expected from Digital Edge! 

At this time, Building Management preparations include: 

  • Ensuring fuel reserves are at maximum levels and confirming fuel deliveries, if needed 
  • Testing all generators to ensure they are in optimal working conditions 
  • Verifying all UPS and HVAC systems are in proper settings and working in optimal conditions 
  • Confirming any necessary supporting contractors are on call for quick response, if needed 


Throughout the storm, the Building Management will conduct hourly inspections of all critical facilities, assess the situation, and prepare accordingly. Local teams will provide additional notification if any issues arise. 

Any client using our Geographical Cluster may request to switch their operation to our datacenter in NEW YORK for additional security. Please contact our support team to do so. 

We thank you for your business. 

-Digital Edge

2/22/2016 Newsletters

Security Warning: Remote Exploitation - A New Linux/Unix Vulnerability May Allow a Hacker to Take Control

Last week, it was announced that a new GNU glibc library buffer overflow is classified as a critical. This vulnerability may allow a hacker to take control over your system. What requires additional attention is DNS systems, as they are publically exposed. 

Digital Edge reports that over weekend our security team addressed the situation. All our DNS infrastructure is up to date on security patches. 

The Digital Edge team is working with fully managed clients individually to secure clients’ Linux systems. 

Please contact us for more information. 

Read more

Digital Edge Security

1/26/2016 Newsletters

January 25 – PHP – Multiple Vulnerabilities – Some Critical

1. This week, the Security Community announced multiple code weaknesses and related vulnerability in PHP. Some of them can cause denial of service, but more problematic is that it would allow remote code execution that might result in full server take over. 

2. New Fortinet vulnerabilities were discovered that are very similar to the Juniper vulnerability announced a month ago. Fortinet is large Digital Edge partner. We verified with the hardware manufacturer that the firmware used in our devices are not affected by the vulnerability. 

3. 2 SAP HANA vulnerabilities were discovered, both can cause denial of service through disk overload. 

All Digital Edge managed or co-managed clients will be patched according to individual schedules. 

Additionally, click here to ensure that you are safe and free of Dridex. 

If you feel that you need assistance from the Digital Edge Security team please contact Danielle Saladis at dsaladis@DIGITALEDGE.NET

Please click here for more information. 

Digital Edge is committed to providing the highest levels of security within all the IT infrastructure environments under its care. In order to achieve this utmost goal for all of our clients, we continuously maintain vigilance both on the productive side of IT as well as on its destructive side. We thus send out news and security bulletins such as this one from time to time to ensure that our clients are informed and educated on any important developments in IT security and are fully aware of what we are doing to ensure that we and our clients are always at the Cutting and at the Digital Edge of technology.

1/21/2016 Newsletters

Inclement Weather Warning

Dear Valued Client, 

This message is to assure you of our continued 24/7 support during the potential blizzard (Jonas) that could affect the New York City Metro Area between Friday 1/22/2016 and Sunday 1/24/2016. 

Our technicians are onsite and available to give you reliability that is expected from Digital Edge! 

Any client using our Geographical Cluster may request to switch their operation to our datacenter in Dallas for additional security. Please contact our support team to do so. 

We thank you for your business. 

-Digital Edge

11/10/2015 Newsletters

First Hypervisor Vulnerability Allowing Guest to Attack

This vulnerability is more historical rather than practical, but it caught attention of the Digital Edge security team as we think it is the first hypervisor vulnerability allowing a guest to attack hypervisor host

The virtualization idea is that virtual instances should be running in their own jail and would not be able to communicate with other virtual instances or the physical host itself. This isolation technique makes people confident going into the “cloud” as in theory that nobody can break the jail. Your “neighbors” cannot damage you. 

If the isolation concept fails, a criminal can purchase a virtual machine “next” to you and hack into your machine. Hypervisor software is doing everything to block visibility from one virtual instance to another or to the physical host. 

New vulnerability - CVE-2015-7835 was logged today simply stating: 

“The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping.” 

What this actually means is that a hacker can purchase a VM and get control over its physical host and then over VMs running on that physical host. In our opinion it is the worst bug we have seen

Please click here for more information. 

Digital Edge is committed to providing the highest levels of security within all the IT infrastructure environments under its care. In order to achieve this utmost goal for all of our clients, we continuously maintain vigilance both on the productive side of IT as well as on its destructive side. We thus send out news and security bulletins such as this one from time to time to ensure that our clients are informed and educated on any important developments in IT security and are fully aware of what we are doing to ensure that we and our clients are always at the Cutting and at the Digital Edge of technology.