Blog
10 Must-Ask Questions for Improved Warehouse Wireless Systems
Proper wireless network design and implementation present challenges for organizations – there are certain variables that affect the topology and its performance in a big way, and not all of them are about the hardware. Not by a long shot.…Read More
Security Bulletin: Pulse Connect Secure RCE Vulnerability (CVE-2021-22893)
What was announced? A recently identified vulnerability that includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform remote arbitrary file execution on the Pulse Connect Secure gateway. This vulnerability has a critical CVSS score and poses a significant risk to…Read More
Palo Alto Networks Brings Security to “Shift Left” Cloud Deployment
Quick Glance – The proposed acquisition of Bridgecrew Technologies will enable “shift left” security, with Prisma Cloud. – The company’s developer-first IaC security platform offers developers and DevOps teams a systematic way to enforce infrastructure. – Of the many challenges…Read More
Security Bulletin: Critical Buffer Overflow Vulnerability in Sudo
Written by Joe Helle, Security Engineer ⏯️ Watch the video explanation here In early February 2021, Qualys released information regarding CVE-2021-3156, a buffer overflow vulnerability in Linux’ Sudo program. Utilizing a released exploit, unprivileged users can elevate their privileges to…Read More
SolarWinds/Sunburst Risk Assessment
Recently announced vulnerabilities of certain versions of SolarWinds Orion software may increase the potential for unauthorized system access, sensitive data exfiltration, and/or other theft of intellectual capital. Given the prevalence of this potential exposure, it is vital to figure out if your organization is at risk. Integration Partners can help by performing a risk assessment to find potential exposure. Our…Read More
Security Bulletin: SolarWinds Security Advisory
We want to make you aware of a recently announced security advisory impacting software from SolarWinds. This vulnerability impacts their Orion Monitoring Platform and could lead to nefarious actors accessing your monitored systems and deliver Malware (called SUNBURST) or perform other unauthorized activities. SolarWinds has…Read More
Security Bulletin: Unmanaged IPv6 DNS in the Enterprise Active Directory Environment
Written by Joe Helle, Security Engineer ⏯️ Watch the video explanation here Introduction As the world continues to run out of IPv4 addresses, developers and software engineers have made the push towards utilizing IPv6 network spaces. And this makes sense…Read More
Integration Partners discovers Zero-Day vulnerability in Web Application
Zero-Day vulnerability discovered by Joe Helle, Security Engineer at Integration Partners On November 8th, 2020 our newest Security Engineer, Joe Helle, was issued a CVE (Common Vulnerability and Exposures) number for a Zero-Day Reflected Cross-Site Scripting vulnerability in a…Read More
Attackers are Targeting Healthcare Providers: 3 Things to Check Right Now
There has recently been a noticeable increase in cyber-attacks targeting health care organizations (details are available here). Given this new information, it is imperative to identify whether your environment is susceptible to these types of targeted attacks and can you…Read More
[SECURITY ALERT] Zerologon Exploitation
Written by Joe Helle, Security Engineer Introduction In August 2020, Microsoft released the first of two parts of a critical security patch for CVE 2020-1472 that allows an attacker to exploit a vulnerability in Netlogon to gain access to privileged domain accounts.…Read More