On January 27, 2020 the Securities and Exchange Commission Commission's Office of Compliance Inspections and Examinations issued examination observations related to cybersecurity and operational resiliency practices undertaken by market participants. We reviewed this alert and simplified it into major points that are easily digestible. The OCIE provided the following observations: Governance and Risk Management Senior leadership is
On December 17, 2019, Citrix published an article describing vulnerability affecting the Citrix Application Delivery Controller (ADC) and Citrix Gateway formerly known as NetScaler ADC and Gateway. The vulnerability was assigned the following CVE number: CVE-2019-19781 : Vulnerability in Citrix Application Delivery Controller and Citrix Gateway leading to arbitrary code execution The vulnerability affects all product
In December 2019, the U.S. government issued indictments against two hackers who were allegedly involved in a multiyear effort to penetrate the systems of several IT Vendors and Managed Services Providers (MSPs). The attack known today as the “Cloud Hopper Mega Hack” was first noticed in 2016, as indicated by the Wall Street Journal. Preview
This vulnerability was responsibly disclosed to Axcient/Anchor on November 4, 2019. Affected versions: > 2.7.1.1498 During a penetration test we came across a file sharing application called SynedTool. When performing some of the more simpler tests we identified that this application is vulnerable to an Information Leakage and Improper Error Handling vulnerability. The application allows
