Microsoft’s CVE 2022 – 30190 Vulnerability: What to Do?
Microsoft recently reported a critical zero-day vulnerability (CVE 2022 – 30190) regarding the Microsoft Support Diagnostic Tool (MSDT), which at the time, required a temporary fix but is now being resolved with a patch update later this month. If you’re currently a TSI managed client, this actively exploited vulnerability that enables threat actors to deploy malware into your environment and provide them access to your network was addressed, but if…
Continued
Russia/ukraine Conflict & the Potential Impact to Your Organization’s Cybersecurity Posture
As Russia began its invasion of Ukraine, there’s been a noticeable increase of cyber-attacks on organizations worldwide. The Russian State-Sponsored cybersecurity offensive isn’t aimed specifically at Government agencies or Defense contractors, but small companies like yours. As your cybersecurity partner, we implore you to take these threats seriously. The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) have warned organizations to be…
Continued
Windows 10 Version 20H2 To Reach End of Life
We’ve begun applying the Microsoft Windows 10 update (v. 21H2) for our clients so that their workstations continue receiving critical security patches and avoid the exploitation of this pending vulnerability. The patching process should happen during normal pre-scheduled time windows unless otherwise instructed. If you’re not working with TSI, we highly recommend that you reach out to your IT provider or staff to begin working on this as soon as…
Continued
Sophos Central Extends Support to Windows EOL Operating Systems
Microsoft has announced that effective February 1, 2022, it will no longer provide virus updates for the following end-of-life operating systems without the purchase of Sophos extended support. Server 2008 Windows 7 Linux CentOS 6 Linux CentOS 8 Linux Ubuntu 20.10 Linux Ubuntu 16.4 LTS Linux Ubuntu 12.4 Linux Redhat 6.8 Mac OS 10.14 Organizations that have a number of unsupported EOL systems will be impacted by this upcoming change.…
Continued
CMMC 2.0 Changes and What They Mean to Your Organization’s Compliance Strategy
The announcement of CMMC 2.0 has garnered a lot of attention throughout the Defense Industrial Base (DIB). With that attention comes the anxiety of change and uncertainty, especially for both the DIB and their consultants who have already made considerable progress toward accomplishing their CMMC objectives. Although these changes seem daunting, it’s important to consider that most of these changes are simply a refinement of the existing CMMC requirements, rather…
Continued
Four Ways vCISOs Help Avoid CMMC Compliance & Security Program Mistakes
If you operate within the U.S. defense industrial base (DIB), you’re likely well aware of the CMMC—and now the CMMC 2.0’s—compliance mandates, including the immediate and long-term impact they will present to your organization. Despite the challenges and steep costs associated with implementing a CMMC compliant environment, doing business with the Department of Defense (DoD) will require DIB contractors to adhere to this compliance framework, which is nothing short of…
Continued
5 CMMC 2.0 Updates You Need to Know!
As you may have heard, the recent changes to the CMMC requirements have caused many DIB contractors to rethink their compliance implementation strategies so we wanted to take this opportunity to help clarify some of the most common questions our own clients have been asking as well as share some critical- and not so obvious- insights to help steer your organization in the right direction during this provisional review period.…
Continued
TSI Joins Exostar’s CMMC Partner Network to Help DIB Companies Navigate Evolving DoD Cybersecurity Requirements
TSI’s Clients to Benefit from Exostar’s Robust, Easy-to-Use DoD Cybersecurity Compliance Products FOXBORO MA-June 9th, 2022: TSI, an IT Managed Services (MSP) and Managed Security Service Provider (MSSP), today announced it has joined Exostar’s CMMC partner network to help DoD contractors navigate and fulfill their Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity compliance requirements, including NIST 800-171 and CMMC 2.0. By leveraging Exostar’s powerful application, Certification Assistant, TSI will be…
Continued
What To Do: Apache’s Log4j Vulnerability
Apache’s Log4j is a powerful open-source logging library used by millions of developers worldwide. However, Apache recently discovered an extremely dangerous vulnerability that could leave your applications and servers vulnerable to attack! In this blog post, we will explain what the Log4j vulnerability is, and how you can protect your organization from being exploited. We will also provide instructions on how to upgrade your Log4j installation. So don’t wait –…
Continued
Jonas: Target of a Security Breach
We wanted to bring to your attention that Jonas has recently been the target of a security breach. The breach appears not to pose any immediate risk at present, but it may become an issue down the road, so we’re proactively reviewing updates from JONAS to address the potential impact. In short, we wanted to take the opportunity to address any potential concerns you currently may have and inform you…
Continued
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place
