OT and IT teams are used to talking about “interoperability” when it comes to devices.
Latest Check Point Software vulnerabilities
Latest Check Point Software vulnerabilities
On May 28, 2024, Check Point disclosed a serious vulnerability in Check Point Security Gateway Devices with certain remote access software blades (security modules) enabled. Per their guidance, devices are impacted if one of the following conditions are met:
- The IPsec VPN Blade is enabled, but ONLY when included in the Remote Access VPN community.
- The Mobile Access Software Blade is enabled.
The issue, identified as CVE-2024-24919, allows reading arbitrary files on the targeted appliance by unauthenticated remote attackers. This vulnerability could be leveraged to read sensitive files such as those containing password hashes, certificates, and ssh keys.
This vulnerability has a CVSS score of 8.6 out of 10, indicating that this is a high risk vulnerability. According to their disclosure and information provided by CISA this vulnerability is being actively exploited. A report from mnemonic.io states that they have observed attacks at least as far back as April 30, 2024.
What is the impact?
Upon successful exploitation of the vulnerability, unauthenticated remote attackers could access password hashes for local users. If the hashes are cracked the attacker may be able to log into these user accounts if secondary controls, such as MFA, are not enforced. This includes service accounts that may be used to access Active Directory or other services. Attackers could leverage this information to move across a target’s network.
Are updates or workarounds available?
Check Point has released a software updates to address this vulnerability. They also provide guidance for other measures that should be taken after the vulnerability has been addressed. These can be found in their advisory.
How do I find potentially vulnerable Check Point devices with runZero?
From the Asset Inventory, use the following query to locate assets that may be running the vulnerable operating system in your network:
hardware:"Check Point" AND (_service.last.http.body:"Check Point Mobile" OR _service.http.body:"Check Point Mobile" OR udp_port:500)About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.
CloudM chooses Royal Manchester Children’s Hospital as 2024 charity partner
CloudM has chosen Royal Manchester Children’s Hospital as its charity partner of the year in 2024. As a Manchester-based business, CloudM was keen to support local organisations and help make a difference in its local community.
Royal Manchester Children’s Hospital is the largest children’s hospital in the country, and the work of the Manchester Foundation Trust Charity helps maintain the hospital as one of the best. The hospital provides specialist treatments and care for children from the local community and across the country.
Among the reasons for choosing the Royal Manchester Children’s Hospital as its charity of the year, was the inspiring story of local lad, Hughie Higginson and his friend Freddie. Hughie was diagnosed with leukaemia when he was just 10 years old and was treated at the hospital. While he was undergoing treatment, Freddie set out to raise money to support his friend by running 2 kilometres per day for 50 days. Hughie is now cancer-free, and alongside Freddie ‘Hughie & Freddie’s Play Appeal’ has raised a staggering £340,000 for the charity.
It is the support of community and corporate fundraisers that allow the hospital to go beyond the treatment offered on the NHS and improve the experience of the children, and their families, that they treat. Fundraising helps provide state-of-the art equipment, support the very best research and help to deliver exceptional care.
“Over the years CloudM has supported lots of charities, this year we really wanted to support a local organisation. It was an easy choice to support a charity in Royal Manchester Children’s Hospital that really goes above and beyond to ensure that poorly children receive the very best treatment and care possible. We’re really excited to support and raise funds in a real variety of ways.”
CloudM employees will be supporting the charity in a variety of ways, from raising funds and taking part in some of the hospital’s existing fundraising events, to holding our own fundraising efforts. Employees will also be giving up their time to help volunteer within the charity.
When Hughie and Freddie discovered they were the inspiration behind CloudM choosing Royal Manchester’s Children Hospital, they were keen to say “A massive thank you, it will help so many patients and families, thank you so much!”
“We are so very grateful for CloudM colleagues choosing to support Manchester Foundation Trust Charity as their new Charity of the Year, raising funds for Royal Manchester Children’s Hospital,” said Jack Bright, Relationship Manager at Manchester NHS Foundation Trust Charity. “We can’t wait to meet more of the CloudM team as they get stuck in with their fundraising, which will make a difference to thousands of patients and their families who need our hospital each and every year. Welcome to our family of fantastic supporters and we look forward to working with you!”
We’ll provide regular updates on activities and our fundraising events throughout the year, and if any customers or partners would like to get involved, please reach out to your account manager.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About CloudM
CloudM is an award-winning SaaS company whose humble beginnings in Manchester have grown into a global business in just a few short years.
Our team of tech-driven innovators have designed a SaaS data management platform for you to get the most from your digital workspace. Whether it’s Microsoft 365, Google Workspace or other SaaS applications, CloudM drives your business through a simple, easy-to-use interface, helping you to work smarter, not harder.
By automating time-consuming tasks like IT admin, onboarding & offboarding, archiving and migrations, the CloudM platform takes care of the day-to-day, allowing you to focus on the big picture.
With over 35,000 customers including the likes of Spotify, Netflix and Uber, our all-in-one platform is putting office life on auto-pilot, saving you time, stress and money.
24.6.0 Voyager released
Changes compared to 24.5.1
Enhancements
- Added more device filtering options when creating a Bulk Upgrade campaign in Comet Server web interface
- Added an option to specify a custom HELO/EHLO hostname when configuring SMTP or MX-Direct email delivery in the Comet Server web interface
- Added support for configuring IP rate limits in the Comet Server web interface
- Added support for configuring backup job bandwidth limits in different units such as KB/s, Kbit/s or Mbit/s from the Comet Server web interface
- Allowed retention passes to safely continue with a warning if Comet is unable to clean up deleted tombstoned file versions from an S3-compatible target
- Updated the MySQL Protected Item to prefer mariadb-dump over mysqldump on Linux devices
- Updated Microsoft 365 account listing to append “Disabled” attribute to user mailboxes for later informed inclusion at the UI level
- Reduced the memory usage when Constellation Role is deleting a very large bucket
Bug Fixes
- Fixed an issue with Comet leaving temporary files in the Storage Vault if an error occurred when attempting a write when using Storage Role
- Fixed an issue with extra log messages appearing on Linux when locking or unlocking the Comet Backup desktop app user interface
- Fixed an issue with showing invalid restore options for non-Files and Folders backup jobs in the Comet Server web interface if the Protected Item had been deleted
- Fixed an issue with showing invalid restore options for some types of backup jobs in the Comet Backup desktop app
- Fixed an issue where Comet would not retry when cleaning up deleted tombstoned file versions from an S3-compatible target causing the job to fail
- Fixed an issue with OIDC-based authentication on the Comet Server when the tenant hostname, or request hostname, has mixed-case characters
- Fixed an issue with granular restore unable to open VMDKs from vSAN and snapshot extents for VMWare Protected Items
- Fixed an error in Microsoft 365 account listing caused when a personal site is missing an associated user
- Fixed an issue with backups being triggered on client upgrade when new the user profiles LastStartTime had not yet been set
- Fixed an issue causing the DenyConstellationRole permission to be respected by Constellation Role-related API endpoints even if the PreventEditServerSettings permission is not enabled
- Fixed an issue causing the DenyConstellationRole permission to be toggled on when the “Prevent viewing and editing server settings” checkbox is toggled on or off in the Comet Server web interface
- Fixed an issue with a slightly misleading error message when access to Constellation Role-related API endpoints is denied due to restricted admin permissions
- Fixed a cosmetic issue with truncating long page title text in the Comet Server web interface
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Comet
We are a team of dedicated professionals committed to developing reliable and secure backup solutions for MSP’s, Businesses and IT professionals. With over 10 years of experience in the industry, we understand the importance of having a reliable backup solution in place to protect your valuable data. That’s why we’ve developed a comprehensive suite of backup solutions that are easy to use, scalable and highly secure.
