June 2019 - In the Boxing Ring

 

In the Boxing Ring

 

Download the latest edition:

In the Boxing Ring - June 2019 [PDF]

 

In the Boxing Ring - June 2019

 

4 June 2019 - Welcome to the June 2019 edition of ‘In the Boxing Ring’.

 

This month, we discuss the ongoing issue of Administrative Systems access from the Internet. This was highlighted by the recent CVE-2019-0708, a remote code vulnerability in Microsoft Remote Desktop Services. Whilst it is helpful to have such remote access, even with strong authentication enabled, permitting direct access to Administrative Systems from the public Internet is a very bad idea. You are reliant on your authentication system being perfect, reliant on your users never making mistakes, reliant on the software being perfect, and relying on credentials not having been leaked / discovered from other systems. On pages 2 to 3 we discuss our recommendations for CVE-2019-0708, and highlight how can Network Box securely provide remote administrative access, if required.

 

On page 4, we highlight the features and fixes to be released in this month’s patch Tuesday for Network Box 5.

 

In other news, Network Box Managing Director was asked by RTHK Radio 3 to share his opinion on growing concerns about the privacy issues raised by facial recognition technology. In addition, we present some upcoming Network Box events; and finally, we highlight security headlines which affecting: Equifax, Salesforce, Cisco, UNIQLO, Binance, and SAP.

 

> All editions of In the Boxing Ring