Announcement concerning recently discovered vulnerabilities in the SolarWinds Orion platform

 Accounting & Taxation, Current Events, Current Events, IT Consulting  Comments Off on Announcement concerning recently discovered vulnerabilities in the SolarWinds Orion platform
Dec 152020
 

There have been multiple news reports about the US Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) confirming that malicious threat actors have been and are actively exploiting vulnerabilities in SolarWinds Orion products, primarily by leveraging the SUNBURST malware.

SolarWinds Orion is an IT monitoring solution.

Rosenthal & Rosenthal does not now, nor have we ever used any SolarWinds products. As a result, our clients’ information is not vulnerable to these exploits.

We strongly advise our enterprise clients who may be using the Orion platform to review available firewall updates to keep your internal systems secure. As always, we stand ready to assist in assessing the overall security of your network infrastructure.

More information (including CVE links) may be found on the CISA page.

Shellshock is a concern for older servers – we have some help

 Current Events, IT Consulting  Comments Off on Shellshock is a concern for older servers – we have some help
Oct 082014
 

Linux vendors have been scrambling to patch the now-famous <a title="Wikipedia: Shellshock (software bug)" href="http://en singulair dosage.wikipedia.org/wiki/Shellshock_%28software_bug%29″ target=”_blank”>Shellshock bash vulnerability since it came to light late last month. However, most vendors have no real idea how many of their older distributions are still in production, and still in need of security fixes.

If you have any older CentOS systems (3.9 or 4.8/4.9, the final releases of each of those versions), it might be a good idea to check out Lewis’ binary rpm releases of patched bash 2.05b (for CentOS 3.9) and/or 3.0 (for CentOS 4.8), available from the Rosenthal & Rosenthal FTP server.

More news may be found on Lewis’ blog, here.

Major reorganization at Norman

 Current Events, IT Consulting  Comments Off on Major reorganization at Norman
Jan 192014
 

Wondering what was happening with my usual monthly Norman licensing report, I received the following in the January newsletter a few days ago:

As you might have been informed, Norman Shark has recently been acquired by Blue Coat Systems.
As Blue Coat will not be involved in any of our “Safeground” Business, this change forces us to restructure this Business in the US going forward.

We have decided to move the responsibility for this Business to our International Department.

Well, that answrered that question. It was only a couple of years ago that they consolidated North American offices to the west coast. Now, all of our renewals go thorugh Switzerland. No matter; aside from a couple days' delay, our January client renewals were processed and all is settling back to normal.