Archive for Security Response

Users Should Upgrade Apple iPhones and iPads to 9.3.5 Immediately

SYGNET is advising clients inform their end users to upgrade their Apple iOS devices (iPhones and iPads) to the latest release which is 9.3.5 as soon as possible. This update was released late last week.

The reason for this recommendation is the potential for the spread of a particularly nefarious piece of malware named Pegasus. There is significant media coverage of this exploit for users who wish to know more about the specifics, however we agree with Apple’s recommendation to install this update quickly.

SYGNET has tested the update internally, and so far has not come across any major issues. There are also no wide spread reports of problems with the update from the media. That being said, we recommend users to consider the timing of their updating to avoid major inconvenience in the event of a problem (ie. do not update your device right before travelling).

The following is a link to instructions on how to initiate an update on an iOS device.

This is what Proactive Managed Services looks like.

Posted in: Proactive Managed Services, Security Response

Leave a Comment (0) →

Good Article on why 3rd Party Patching Matters

SYGNET has always regarded timely patching and updating of systems as a serious part of overall security. So often we read of data breaches where hackers took advantage or one or several known vulnerabilities in the target systems that could have been blocked through proactive patching. There are some hacks that take advantage of unknown vulnerabilities, however those are actually the minority. Most people of familiar with the need to patch their Operating System, such as Microsoft Windows or Apple Mac, however it is just as important to consider other commonly attacked software. Hackers tend to focus where they get the most bang for their effort, hence they will target common 3rd Party Software, such as Adobe Reader, Adobe Flash, Java, and VLC Player. A good article covering 3rd Party Software can be seen here. SYGNET’s Active Network Management service covers the patching of all the software mentioned in this article. Further to that, SYGNET will help clients by uninstalling software they do not need, thereby reducing the possibility of attack.

This is what Proactive Managed Services looks like.

Posted in: Information Security, Proactive Managed Services, Security Response

Leave a Comment (0) →

Symantec.Cloud Server Agent Update

On July 21st, 2016, Symantec released an update for Symantec.Cloud Endpoint Protection server agents in response to a discovered vulnerability detailed here. For the server version of the agents, manual intervention was required to complete the agent update successfully. SYGNET has completed the manged rolled out this update to all client servers as of today. Our clients feel safer knowing important vulnerabilities are quickly patched.

This is what Proactive Managed Services looks like.

Posted in: Proactive Managed Services, Security Response

Leave a Comment (0) →

Canadian Anti-Fraud Centre

Canadian companies and citizens should bookmark the webpage for the Canadian Anti-Fraud Centre (CAFC). This website is maintained by the Government of Canada to provide companies and citizens with information on current frauds and scams. The site has numerous tips on how to avoid becoming a victim, and has instructions to report suspected fraud. SYGNET came across the website while assisting a client in reporting attempted fraud that was perpetrated against them.


Posted in: Information Security, Security Response, Tech Tips for Business Owners

Leave a Comment (0) →

POODLE SSLv3 Vulnerability

With the release last week of information pertaining to a potential information disclosure vulnerability in numerous systems that use SSL version 3 encryption, we have started to implement changes to client systems to mitigate the associated risk. We recommend clients familiarize themselves with the POODLE SSLv3 vulnerability by reading the excellent article that can be seen at

SSL encryption can be used to secure data connections between systems across the Internet, and on internal networks as well. Its most common usage scenario is to encrypt web browser connections to servers across the Internet. Though encrypted connections are mainly referred to general terms, there are in fact numerous protocols and cyphers that are supported by the various Operating Systems in use today. Naturally, newer Operation Systems can use more recent and therefore stronger encryption protocols than their older counterparts.

The vulnerability disclosed last week was around SSL 3.0, which was a very popular encryption protocol that has widespread Operating System support (Windows, MACs, and Linux etc.). Though it has been surpassed in recent years by newer and stronger encryption techniques, most systems left it enabled to support older systems. A vulnerability in SSL 3.0 has been demonstrated that would possibly allow an attacker to compromise communications protected by this protocol. It does not provide a direct method for an attacker to gain control of any systems. However an attacker may be able to collect credentials for use in subsequent attacks by eavesdropping on SSL 3.0 communications they are able to compromise with this vulnerability. There is no planned “patch” for this vulnerability so the recommendation is simply to disable its use, both on servers and client systems.

SYGNET will be disabling SSL 2.0 (in the event it is still enabled) and SSL 3.0 from all servers as soon as possible. Clients are warned that there could be some disruption to Line of Business applications and websites that may rely on these specific versions of SSL. It is quite difficult to make this determination in advance, therefore, SYGNET recommends proceeding with the changes since they can be reversed relatively easily should a particular application require either of these specific protocols.

SYGNET will also be disabling SSL 2.0 and SSL 3.0 in the browser settings of Microsoft Internet Explorer for domain joined systems via Group Policy. We will also provide instructions to users on how they can manually make this change for browsers other than Microsoft Internet Explorer and for standalone systems not controlled by domain Group Policy.

Further to the measures mentioned above, clients running a current SonicWALL firewall with Security Services enabled have been protected since October 15th, 2014 when the detection signatures were released.

We will of course provide updates regarding the POODLE vulnerability should additional information become available.

Regards, Cameron Gracie.


Posted in: Security Response, Tech Tips for Business Owners

Leave a Comment (0) →