CMA is working closely with all of our vendors and security providers to monitor the evolving situation around the Apache Log4j vulnerability. We will be proactively applying updates to our infrastructure and that of our managed services customers as they become available. For our customers who manage their own IT infrastructure, we recommend reviewing this Continue Reading
CMA Blog
Thoughts and updates on everything CMA
Category Archives: Security
The Importance of Multifactor Authentication for your Organization
What is Multifactor Authentication? Multifactor authentication (MFA) is a security control used to verify user identity by prompting two or more authentication factors prior to logging into your applications and accounts. MFA uses two different types of authentication – something you know (a password) and something you have (your cell phone). At its simplest, it Continue Reading
VMWare vCenter Vulnerability Subject to Exploitation
On Tuesday, September 21, VMware released a patch advisory for a new remote code execution (RCE) vulnerability in VMware vCenter Server tracked as CVE-2021-22005. Partial proof of concept (PoC) exploit code for CVE-2021-22005 has surfaced publicly and threat actors have begun to scan the internet for publicly accessible vulnerable vCenter Servers. Although the full working Continue Reading
Ransomware Awareness for Upcoming Holiday Weekends
Prior to the Labor Day holiday, the Cybersecurity & Infrastructure Security Agency released information regarding a recent trend of ransomware attacks taking place over holiday weekends, when the attackers believe that IT and Security teams may be on vacation or not paying as close attention to their networks. In May 2021, leading into Mother’s Day Continue Reading
PrintNightmare, Critical Windows Print Spooler Vulnerability
The CERT Coordination Center and CISA are warning all IT administrators about a remote code execution vulnerability in the Windows Print Spooler service. This vulnerability has PoC exploit code that has been published, making the risk of attack high. An attacker can exploit this vulnerability, nicknamed PrintNightmare, to take control of an affected system. CISA Continue Reading