All Articles

In an effort to help organizations to better assess candidates, their level of expertise and knowledge of relevant subjects, Digital Edge and Appcore Solutions (https://appcoresolutions.com/) have designed and built an IT Skills Assessment Platform.

This platform gives organizations the ability to create custom tailored online tests for each job opening. Additionally, this system also allows your organization to invite your candidates to take relevant tests and preview the results. 

Currently, Digital Edge utilizes this system to pre-screen candidates before an initial face-to-face meeting. We invite you to take a test drive and share your opinion about the system, its concepts and features.

We invite you to take a test drive and share your opinion about the system, its concepts and features.

Please try the system:

www.perfectknowledge.com

Please click the link below to get more details and access to the system!

Read more about the platform here. 

Traffic analytical tools can cause unintentional sensitive information disclosure.  

Most of precisely targeted attacks on IT infrastructures are originated from outside of security perimeters of the victimized organizations. However, the security openings allowing cyber attackers to breach security mechanisms overwhelmingly originated either with unintentional help of insiders or disclosure of sensitive information. 

Read more on this subject and how the Digital Edge Security Team helps clients mitigate or prevent these risks.

There is a great relief for the many companies which still use legacy systems that are no longer supported by the manufacturer, as the case with Windows XP and Windows Server 2003 - Microsoft is including these operating systems in the updates to patch for the existing vulnerabilities exposed in this attack. For those customers who still have legacy systems, this is vital to protect their overall customer ecosystem.
 
Download English language security updates for: 

• Windows Server 2003 SP2 x64
• Windows Server 2003 SP2 x86 
• Windows XP SP2 x64
• Windows XP SP3 x86 
• Windows XP Embedded SP3 x86
• Windows 8 x86
• Windows 8 x64

To download localized versions for the security update for Windows XP, Windows 8 or Windows Server: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

As per all news agencies and cyber security organizations, multiple countries are under a massive ransomware attack. The ransomware spreads through Europe but specialists are sure that it will eventually spill into US. 

The Digital Edge Security Team is assessing the situation and will assist all the clients and any IT organization that require cyber security help. 
 
We feel that the threat is serious as the infection has a “hunting” functionality that is used to infect other computers that the infected computer has access to through vulnerable Windows SMB Protocol. Microsoft Windows vulnerability called EternalBlue is used by NSA tools leaked to WikiLeaks earlier. The attack might be inspired by NSA weaponry or by NSA itself.

Simply put, if a user opens a malicious email or a website on a desktop that was not patched after March 14, 2017,  there is a big chance that the user’s computer will be infected and the virus will spread inside of the organization.  

Please open a support ticket if you need immediate help at: https://www.digitaledge.net/support/
 
Please click here for more information how to protect your systems.

More and more, security organizations report cyber security vulnerabilities in devices that are not exactly computers. Those devices may include routers, video cameras, and other “internet of things” gadgets. 

It is critically important to know that your home devices with access to the internet are secured. Some of these weaknesses could be related to well-known default user ID and password combinations or whereas, some devices do not even have patching capabilities making people permanently vulnerable. 

Digital Edge is monitoring known vulnerabilities in consumer devices and notifying our friends and colleagues about such cases. 

Click here to see recent vulnerable devices.
 

As of May 1, 2017, Digital Edge is proud to announce its official certification of the International Standards Organization (ISO) 27001 framework for Information Security Management, a specification for an information security management system (ISMS). ISO is an independent, non-governmental international organization with a membership of 163 national standard bodies. ISO is credited for publishing more than 2100 international standards, covering almost every industry, from technology, to food safety, to aviation and healthcare. By adopting the ISO 27001 framework, Digital Edge will protect businesses from threats, including internet fraud, hacking, overseeing of transactions and other cyber security threats.

Undergoing the process of getting certified by ISO is vital to Digital Edge because these standards evaluate process effectiveness and better structures company management and growth. Digital Edge’s clients will always be insured with quality services with the core value of “Stability, Security, Efficiency, and Compliance”. Digital Edge received this certification with minor and no major non-conformities, proving once again that our security processes are constant. 

Receiving the ISO 27001 certification, proves that Digital Edge’s processes meet the best quality and security standards for our clients. Digital Edge guarantees our clients and partners are receiving outstanding services, demonstrating our serious commitment to these security controls.

The Federal Trade Commission (FTC) has announced a new web site – a single point to report Identity Theft - https://identitytheft.gov/

In many cases, reports from this site will be accepted as an official police report. 

Please see how Digital Edge’s Log Management Service can be utilized as an SIEM (Security Information and Event Management) Dashboard.

Digital Edge was engaged by a US based hardware manufacturer to implement Cisco Identity Manager and BYOD Policies. The client infrastructure is deployed in US Based headquarters, 2 offshore development offices, 2 datacenters, and AWS web services.

The project was successfully delivered and accepted in April 2017. 

Author: Danielle Johnsen (VP of Compliance)
Date: 5 April 2017
Version: 2.0

This document defines Digital Edge’s policy on Information Security and is based on the following principles.

New remote execution vulnerability (CVE-2017-7269) was recorded in the National Vulnerability Database for Windows 2003 R2 IIS6 last week. Exploitation of this vulnerability allows a remote attacker to execute code on the vulnerable web server. 

Thus, potentially allowing hackers to take over the whole system, install remote control systems and propagate within local network conducting local attacks. Results of the exploitation might be catastrophic for organizations. Microsoft will not provide a patch for this vulnerability, as OS is not officially supported. 

Read the Digital Edge Security Team analysis and mitigation mechanisms here.