We are constantly interested in the latest and up-to-date technology.
As we move forward with the software development we will continue to use new technologies to improve our products and the customer experience. And we will continue to develop our solutions with both new functionality and increasing integration with the latest major platforms.
As the growing market shares and interests in the I.T. virtualization, we tailored the unique virtualization solution vFleXtor using proven, modern up-to-date technology.
Timely information about security topics and threats:
CISA All NCAS Products
CISA All NCAS Products
- Original release date: October 22, 2020<br/><p>The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity.</p> <ul> <li><a href="https://us-cert.cisa.gov/ncas/alerts/aa20-296a">Joint Cybersecurity Advisory: AA20-296A Russian State-Sponsored Advanced Persistent Threat Actor Compromises U.S. Government Targets</a></li> <li><a href="https://us-cert.cisa.gov https://us-cert.cisa.gov/ncas/alerts/aa20-296b">Joint Cybersecurity Advisory: AA20-296B Iranian State-Sponsored Advanced Persistent Threat Actors Threaten Election-Related Systems</a></li> </ul> <p>AA20-296A updates a previous <a href="https://us-cert.cisa.gov/ncas/alerts/aa20-283a">joint CISA-FBI cybersecurity advisory</a> and provides information on Russian state-sponsored actors targeting U.S. state, local, tribal, and territorial (SLTT) government networks, as well as aviation networks. In limited instances, this activity has resulted in unauthorized access to IT systems used by U.S. election officials.</p> <p>AA20-296B details Iranian APT actors working to influence and interfere with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process. These actors have taken part in spear-phishing campaigns, website defacements, and disinformation campaigns to spread obtained U.S. voter-registration data, anti-American propaganda, and misinformation about voter suppression, voter fraud, and ballot fraud.</p> <p>Both joint cybersecurity advisories contain information on exploited vulnerabilities and recommended mitigation actions for affected organizations to pursue.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 22, 2020<br/><p>Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the <a href="https://tools.cisco.com/security/center/publicationListing.x">Cisco security page</a> and apply the necessary updates.</p> <p> </p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 22, 2020<br/><p>The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public confidence in the U.S. electoral process.</p> <p>The APT actors are creating fictitious media sites and spoofing legitimate media sites to spread obtained U.S. voter-registration data, anti-American propaganda, and misinformation about voter suppression, voter fraud, and ballot fraud.</p> <p>The APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS) attacks, structured query language (SQL) injections attacks, spear-phishing campaigns, website defacements, and disinformation campaigns. </p> <p>Click here for a <a href="https://us-cert.cisa.gov/sites/default/files/Joint_CISA_FBI_CSA-AA20-296B_Iranian_APT_Actors_Threaten_Election-Related_Systems.pdf">PDF</a> version of this report.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 22, 2020<br/><p class="tip-intro" style="font-size: 15px;"><em>This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CKŪ) framework. See the <a href="https://attack.mitre.org/versions/v7/">ATT&CK for Enterprise</a> framework for all referenced threat actor tactics and techniques </em></p> <p>This joint cybersecurity advisory?written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA)?provides information on Russian state-sponsored advanced persistent threat (APT) actor activity targeting various U.S. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks. This advisory updates joint CISA-FBI cybersecurity advisory <a href="https://us-cert.cisa.gov/ncas/alerts/aa20-283a">AA20-283A: APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations</a>.</p> <p>Since at least September 2020, a Russian state-sponsored APT actor?known variously as Berserk Bear, Energetic Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala in open-source reporting?has conducted a campaign against a wide variety of U.S. targets. The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers.</p> <p>The Russian-sponsored APT actor is obtaining user and administrator credentials to establish initial access, enable lateral movement once inside the network, and locate high value assets in order to exfiltrate data. In at least one compromise, the APT actor laterally traversed an SLTT victim network and accessed documents related to:</p> <ul> <li>Sensitive network configurations and passwords.</li> <li>Standard operating procedures (SOP), such as enrolling in multi-factor authentication (MFA).</li> <li>IT instructions, such as requesting password resets.</li> <li>Vendors and purchasing information.</li> <li>Printing access badges.</li> </ul> <p>To date, the FBI and CISA have no information to indicate this APT actor has intentionally disrupted any aviation, education, elections, or government operations. However, the actor may be seeking access to obtain future disruption options, to influence U.S. policies and actions, or to delegitimize SLTT government entities.</p> <p>As this recent malicious activity has been directed at SLTT government networks, there may be some risk to elections information housed on SLTT government networks. However, the FBI and CISA have no evidence to date that integrity of elections data has been compromised. Due to the heightened awareness surrounding elections infrastructure and the targeting of SLTT government networks, the FBI and CISA will continue to monitor this activity and its proximity to elections infrastructure.</p> <ul> <li>Click here for a <a href="https://us-cert.cisa.gov/sites/default/files/Joint_CISA_FBI_CSA-AA20-296A__Russian_State_Sponsored_APT_Actor_Compromise_US_Government_Targets.pdf">PDF</a> version of this report.</li> <li>Click here for a <a href="https://us-cert.cisa.gov/sites/default/files/2020-10/AA20-296A.stix.xml">STIX</a> package of IOCs.</li> </ul> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 21, 2020<br/><p>Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for <a href="https://www.mozilla.org/en-US/security/advisories/mfsa2020-45">Firefox 82</a>, <a href="https://www.mozilla.org/en-US/security/advisories/mfsa2020-46">Firefox ESR 78.4</a>, and <a href="https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/">Thunderbird 78.4</a> and apply the necessary updates.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 21, 2020<br/><p>Google has released Chrome version 86.0.4240.111 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the <a href="https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html">Chrome Release</a> and apply the necessary changes.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 21, 2020<br/><p>Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.</p> <ul> <li>Illustrator <a href="https://helpx.adobe.com/security/products/illustrator/apsb20-53.html">APSB20-53</a></li> <li>Dreamweaver <a href="https://helpx.adobe.com/security/products/dreamweaver/apsb20-55.html">APSB20-55</a></li> <li>Marketo <a href="https://helpx.adobe.com/security/products/marketo/apsb20-60.html">APSB20-60</a></li> <li>Animate <a href="https://helpx.adobe.com/security/products/animate/apsb20-61.html">APSB20-61</a></li> <li>After Effects <a href="https://helpx.adobe.com/security/products/after_effects/apsb20-62.html">APSB20-62</a></li> <li>Photoshop <a href="https://helpx.adobe.com/security/products/photoshop/apsb20-63.html">APSB20-63</a></li> <li>Premiere Pro <a href="https://helpx.adobe.com/security/products/premiere_pro/apsb20-64.html">APSB20-64</a></li> <li>Media Encoder <a href="https://helpx.adobe.com/security/products/media-encoder/apsb20-65.html">APSB20-65</a></li> <li>InDesign <a href="https://helpx.adobe.com/security/products/indesign/apsb20-66.html">APSB20-66</a></li> <li>Creative Cloud Desktop Application <a href="https://helpx.adobe.com/security/products/creative-cloud/apsb20-68.html">APSB20-68</a></li> </ul> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 20, 2020<br/><p>Oracle has released its Critical Patch Update for October 2020 to address 402 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Oracle <a href="https://www.oracle.com/security-alerts/cpuoct2020.html ">October 2020 Critical Patch Update</a> and apply the necessary updates.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 20, 2020<br/><p>The National Security Agency (NSA) has released a <a href="https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF">cybersecurity advisory</a> on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages critical system administrators to prioritize the immediate patching of the CVEs in NSA?s <a href="https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF">advisory</a> and to review CISA?s Alert <a href="https://us-cert.cisa.gov/ncas/alerts/aa20-275a">Potential for China Cyber Response to Heightened U.S.?China Tensions</a>, which details potential cyber response to heightened tensions between the United States and China and provides specific tactics, techniques, and procedures (TTPs) and recommended mitigations to the cybersecurity community to assist in the protection of our Nation?s critical infrastructure.</p> <p>Review the CISA's <a href="https://us-cert.cisa.gov/china">Chinese Malicious Cyber Activity</a> page for more information on Chinese malicious cyber activity.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
- Original release date: October 20, 2020<br/><p>VMware has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.</p> <p>The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory <a href="https://www.vmware.com/security/advisories/VMSA-2020-0023.html">VMSA-2020-0023</a> and apply the necessary updates or workarounds.</p> <div class="field field--name-body field--type-text-with-summary field--label-hidden field--item"><p class="privacy-and-terms">This product is provided subject to this <a href="https://us-cert.cisa.gov/privacy/notification">Notification</a> and this <a href="https://www.dhs.gov/privacy-policy">Privacy & Use</a> policy.</p> </div>
