Citrix Cyber Attack Cyber Awareness Cyber Security

New Citrix CVE-2022-27518 vulnerability

❗ Security alert ❗ Citrix has just announced a vulnerability discovered in Citrix Gateway and Citrix ADC. Citrix ADC or Citrix Gateway appliances configured as a SAML SP or a SAML IdP are affected by the CVE-2022-27518 vulnerability, which allows unauthenticated remote arbitrary code execution. The following supported versions of Citrix ADC and Citrix Gateway are affected by this […]

Cyber Security
Microsoft Exchange

Security Alert: NEW Microsoft Exchange zero-day vulnerabilities

It appears two new Microsoft Exchange Zero-Day vulnerabilities are being exploited in the wild. While the exploitation is not yet confirmed, attacks have been launched on fully patched Exchange servers affecting companies and organisations. If you run Microsoft Exchange on-premises and have Outlook Web App (OWA) facing the internet, the chances are you are impacted. […]

Cyber Security

New domain names for Australian businesses and organisations

Two weeks have been left for Australian businesses to make use of the priority registration period and register their domain names under the .au extension. From 20th September 2022, the way we register domain names in Australia is changing, and below is what you should know. What you should know about the change After this […]

Cyber Security

Demystifying the powerful SPF, DKIM and DMARC technologies

This blog post discusses the SPF, DKIM and DMARC mechanisms and how organisations can use them to their benefit. Contrary to popular belief, their role is not to protect a mail system against threats. Instead, they act as protection mechanisms for the mail exchange worldwide, adding to the Cyber Hygiene of this ecosystem. Did we […]

Cyber Security

About the new Network and Information Systems 2 (NIS2) Directive

The landscape is changing so does the legislation. NIS2 Directive is now a reality for European Union and its members. The Directive comes as a response to the increased exposure of Europe to cyber threats and now covers medium and large entities from more critical sectors of the economy and society. A Cyber Security programme and Incident […]

Cyber Security

Our response to the zero-day “Follina” vulnerability

On Monday, May 30, 2022, Microsoft disclosed the “Follina” dubbed remote code execution (RCE) CVE-2022-30190 zero-day vulnerability, affecting Microsoft Office products. Zero-day means no patch is available yet, and our InfoSec department here at COMPTEC I.T acted quickly and worked overnight to provide a response for our clientele and partner network. Once we got them […]