All Articles

For the past few months, the security community did not surprise its audience with anything interesting, but this week there have been a few updates worth to share:

1. The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet. There are more denial types of vulnerabilities found in Juniper software. 
2. Multiple gnu_glibc libraries vulnerabilities potentially exposing threat to cause denial of service were discovered. 
3. The most interesting is Xen overflow vulnerability. This vulnerability allows guest to corrupt physical host. Those type of vulnerabilities are troubling security professionals, showing that information technology should not blindly trust virtualization encapsulation.  

All Digital Edge managed or co-managed clients will be patched according to individual schedules. 
If you feel that you need assistance from the Digital Edge Security team please contact Danielle Saladis at dsaladis@DIGITALEDGE.NET. 
Please click here for more information. 

Digital Edge is committed to providing the highest levels of security within all the IT infrastructure environments under its care. In order to achieve this utmost goal for all of our clients, we continuously maintain vigilance both on the productive side of IT as well as on its destructive side. We thus send out news and security bulletins such as this one from time to time to ensure that our clients are informed and educated on any important developments in IT security and are fully aware of what we are doing to ensure that we and our clients are always at the Cutting and at the Digital Edge of technology.

Digital Edge has decided to simply classified types of attacks, so that when we discuss tools and vectors we will refer this document. 

1. Frontal Assault

1.a - Code Tampering: This type of attacks are conducted from outside of a client's, by probing open ports and trying to force the code behind those ports to do unwanted actions, allowing hackers either remote execution, illegal upload with further execution, or system crash. 
1.b - Brute Force: An attacker uses techniques that are trying multiple combinations of passwords and keys trying to pick correct combination. 
1.c - Denial Attack: When an attacker creates either a large number of requests or specifically crafted requests or both at the same time to cause a client's system to stop responding. 
1.d - Floods: An attacker creates large amount of traffic, produced by hacker's controlled infected machines - "bots or zombies" to simply overflow capacities of the client networks or their ISPs.

2. Internal Assaults

2.a - Browser Scripting Attacks: During this attack, a hacker is convincing a user to go to a malicious website. Such website has a java or other scripting code that cause client's browser to perform unwanted actions, infect the computer, download unwanted software, etc. 
2.b - Email Attacks: During this attack, a hacker tricks a user to open an attachment that has a code that causes the opening program such as MS Office, Adobe PDF viewer, etc. to perform unwanted actions, such as infect the computer, download unwanted software etc.
2.c - Removable Media Attacks: This attack is conducted through an infected removable media. A USB memory card may have a malicious software that is executed when the storage is attached to the client's computer. 
2.d - BOYD Device Attack: A hacker would be able to infect client's personal desktop or personal phone and wait for when the user will bring it to the office. The infected "own" device can spread infection inside the local network. 

In the future, the Digital Edge Security Team will publish Security Solutions Reviews which will always refer to this classification, specifying which security challenge the solution is supposed to solve.

On Tuesday, April 5, Digital Edge was pleased to be a Premier Sponsor of Evolve: Evolution of the Data Center, a networking event focused on discussing IT Solutions that can improve efficiencies of the data center and the B2B environment.  As our industry rapidly evolves, there was packed house at the iconic Monarch Rooftop Lounge in Manhattan gathered together to exchange knowledge and network. 

As a top-tier, Enterprise Cloud Solution Provider, Digital Edge’s CEO, Michael Petrov gave a crowd pleasing presentation on the price efficiency of Managed Enterprise Cloud Solutions vs. Unmanaged Public Cloud. If you want to check Digital Edge’s Cloud Price Assessment tool, please click here! Additionally, if you have an RFP or a project and want us to participate in the conversation, please click here. 

Together with our partners, Telehouse, Fujitsu, Huawei, and PSSC Labs, Digital Edge was proud to have hosted the “must attend” event of the spring, while gaining and sharing insights and building relationships with colleagues, clients, partners, prospects, and friends. Thank you all to attended and Digital Edge looks forward to seeing you again soon! Check out our photos from the night here!

Digital Edge received this White Paper from Plexxi, written by Plexxi in a partnership with Colovore,  King Star Computer, and Piston. We feel that this white paper has great importance to the IT community as there is a current misconception of the cost savings of the cloud is “as high as ever”. 

Digital Edge has reached out to Plexxi to permit us to re-publish this White Paper, however have not yet received any feedback. If we are requested to do so, we will remove it from our White Paper section. 

This white paper is completely aligned with Digital Edge’s view on TCO and ROI. Additionally, this paper explains latest news from Apple, that the company is planning to build their own datacenters, thus leaving AWS with a few billion dollar gap in AWS’s yearly gross sales.

March of Dimes online fundraising is responsible for large amount of money. Their E-business functionality is running in a private VMware based cloud operated by Digital Edge. The environment is stress-tested for 22,000 concurrent users and configured for high availability with provision of business continuity.

A New York chartered trust and banking company. Digital Edge provides production support for day to day IT operation including monitoring and remediation for batch processing, reporting, client facing portals, clients SLAs as well as change management, technology roll outs and SME consultations.

An American Diversified Financial Services Holding Company (one of the 10 largest banks in United States). Digital Edge supports Infrastructure and Processing of Alternative Investment Administration and other Fund Technologies. The infrastructure implements high availability, high performance and DR solutions.

For many years, Digital Edge has been supporting the Automation of Business Processes and Technologies for Macy’s Advertisement. Our Automation Solutions allow Macy’s Advertisement to increase efficiency in advertisement workflow and provide better visibility into advertisement efficiency.