3 min read

[Security Tip] Threats, Vulnerabilities, and Patches - Oct 10, 2021

By Prime Care Tech Security Team on Thu, Oct 14, 2021 @ 03:34 PM

Does your IT team track reported security threats, vulnerabilities, and patches as often as weekly? We do. In fact, our primeCLOUD customers receive notifications about the impact each week, along with an explanation of how our team is mitigating risk on their behalf. Review last week's summary to understand the potential impacts and interventions. 

Effective October 10, 2021

High Impact

No new impacts since Oct 3, 2021 report.

Medium Impact

No new impacts since September 19, 2021 report.

Low Impact

Source

Product

Type

Cisco

Multiple

Security Updates

Mozilla

Firefox, Firefox ESR

Security updates

 

No Impact

*Prime Care Tech team assessed and determined our clients are not impacted/using product

Source

Product(s)

Type

CISA

Multiple

Security Advisory Honeywell Experion and ACE Controllers

Apache

HTTP Servers

Security update

Apache

Server

Address Vulnerabilities under exploitation

CISA

n/a

Advisory remote users

CISA

Multiple

Security advisory for Honeywell Experion and ACE controllers

 

The constantly increasing demands of securing your data against cyber criminals make it challenging to keep up. If you need help staying on top of your game, get in touch.

What's an IT Assessment?

Perhaps someone from your organization could also benefit from these security alerts?

Subscribe a Colleague
Topics: primeCLOUD cyber security security vulnerabilities cyber criminals security patches security threats
2 min read

[Security Tip] Threats, Vulnerabilities, and Patches - Oct 3, 2021

By Prime Care Tech Security Team on Tue, Oct 12, 2021 @ 04:36 PM

Does your IT team track reported security threats, vulnerabilities, and patches as often as weekly? We do. In fact, our primeCLOUD customers receive notifications about the impact each week, along with an explanation of how our team is mitigating risk on their behalf. Review last week's summary to understand the potential impacts and interventions. 

Effective October 3, 2021

High Impact

Source

Product(s)

Type

ManageEngine

ADManager Plus

Security fix for critical vulnerability

VMware

n/a

Security update

 

Medium Impact

No new impacts since September 19, 2021 report.

Low Impact

No new impacts since September 19, 2021 report.

No Impact

*Prime Care Tech team assessed and determined our clients are not impacted/using product

Source

Product(s)

Type

CISA/NSA

Multiple

Guidance on selecting and hardening VPNs

 

Topics: primeCLOUD cyber security security vulnerabilities cyber criminals security patches security threats
1 min read

Fall Webinar Series: Senior Care 2022 - Evaluation to Reinvention

By Prime Care Tech Marketing on Sun, Oct 10, 2021 @ 01:50 PM

Join executive advisors from Health Dimensions Group (HDG) for an exciting Fall webinar series to help senior care/living operators with a 2022 strategy.

Our first session, Resizing operations based on your data is on October 21 at 2PM ET and will include HDG's CEO Erin Shvetzoff Hennessey and consulting EVP Darrin Hull. They'll discuss the importance of evaluating operational areas and strategies for realigning to impact your financial success and improve quality.

Additional sessions include:

After each session, we'll offer a brief demo of how technology can help. So, save your seat(s) and invite some colleagues!

Topics: primeVIEW senior living Health Dimensions Group senior care resizing operations HDG evaluating data
7 min read

[Security Tip] Track Threats, Vulnerabilities, and Patches Weekly

By Prime Care Tech Office of Compliance on Mon, Sep 27, 2021 @ 11:50 AM

Does your IT team track reported security threats, vulnerabilities, and patches as often as weekly? We do. In fact, our primeCLOUD customers receive notifications about the impact each week, along with an explanation of how our team is mitigating risk on their behalf. Review last week's summary to understand the potential impacts and interventions. 

Effective Week Ending September 19, 2021

High Impact

Source

Product(s)

Type

Microsoft

NTLM Relay

Mitigation advice for PetitPotam attacks 

AMD Ryzen

Chipset Driver

Patches for security vulnerabilities

 

Medium Impact

Source

Product(s)

Type

Intel

Multiple

Multiple security updates

FBI

n/a

Indicators of compromise associated with Hive ransomware

Google

Chrome

Security updates

Microsoft

Multiple

Mitigation advice and workarounds for zero-day threat CVE-2021-40444

 

Low Impact

Source

Product(s)

Type

ManageEngine

ServiceDesk Plus

Update for remote code execution (RCE) and server-side request forgery (SSRF) vulnerabilities

Pulse Secure

Secure Connect

Security update

 

NOTE: Remediation depends entirely on third-party, sole-source software supplier (Verizon Enterprise Solutions) and new hardware deployment (est. mid-October)

Microsoft

Multiple

Security updates (Aug 2021)

Atlassian

Confluence Server and Data Center

Security updates

Mozilla

Firefox, Firefox ESR, and Thunderbird 

Security updates

Microsoft

Multiple

Security updates (Sep 2021)

 

No Impact

*Prime Care Tech team assessed and determined our clients are not impacted/using product

Source

Product(s)

Type

WordPress

WordPress

Security update

Fortinet

FortiManager
SD-WAN Orchestrator

Patch for improper access control vulnerability

Apple

iOS and iPadOS 14.8

Security updates

SAP

Multiple

Security updates (Sep 2021)

Citrix

ShareFile Storage Zones Controller

Security update

Drupal

n/a

Multiple security updates

Microsoft

Azure Linux Open Mgt Infrastructure

Security update

FBI-CISA-CGCYBER

ManageEngine
ADSelfService Plus

Advisory on advanced persistent threat (APT) exploitation of vulnerability

 

The constantly increasing demands of securing your data against cyber criminals make it challenging to keep up. If you need help staying on top of your game, get in touch.

What's an IT Assessment?

Perhaps someone from your organization could also benefit from these security alerts?

Subscribe a Colleague

Topics: cyber security security vulnerabilities cyber criminals security patches security threats
1 min read

Should Senior Care Organizations Consider IT Outsourcing?

By Prime Care Tech Marketing on Sun, Sep 19, 2021 @ 03:12 PM

The growing risks associated with data/system security have prompted many senior care organizations to wonder if outsourcing IT is better than managing it in-house. Certainly, it relieves executives of some worries, but how do you decide what's right for your organization?

So, what are some drivers for IT outsourcing?

  • Organizations want to achieve efficiency and cost savings.
  • Organizations do not have financial or technical resources to develop/maintain an enterprise risk management plan.
  • Organizations struggle to bring all parts (procurement, operations, security, etc.) together to establish IT requirements

To help, the National Risk Management Center (NRMC) at the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) compiled Risk Considerations for Managed Service Provider Customers. Following are some highlights on what to consider when outsourcing.

Strategic Considerations

  • Balance cost-effectiveness and efficiency with reliability and security
  • Account for risks with multiple IT vendors
  • Even with outsourcing, executives should still:
  • Maintain awareness of the technologies and systems
  • Understand risks from potential loss of 1) core systems/services; 2) confidentiality, integrity, and data availability; 3) consumer/market confidence; and 4) productivity and financial (fines, legal fees, or other regulatory costs).

Operational Considerations

  • Coordinate procurement, operations, continuity, and security requirements to decrease enterprise risk and improve system performance.
  • Organizations with staff dedicated to each of these functions should coordinate IT requirements across organizational silos.
  • Organizations with non-dedicated staff should have an enterprise risk management plan to account for each requirement.

Tactical Considerations

  • Continue to drive policies around network access, controls, and logs.
  • Identify staff to monitor/manage the day-to-day activity of IT providers.
  • Set careful access policies for all third-party vendors.

If your organization is considering IT outsourcing, we can help. Take a look at our primeCLOUD service suite or get in touch to discuss.

What's an IT Assessment?

Topics: MSP primeCLOUD IT Outsourcing managed service provider

Featured

Posts by Tag

See all