The Lawyer’s Copilot
Kraft Kennedy - Technology and Management Consulting
by Claire Evans
1M ago
The Lawyer’s Copilot Imagine the advantage gained by a lawyer preparing for a case and having virtually instant access to the specific arguments used in similar cases and summaries of relevant laws? Consider the value of being able to ensure consistency across all documents. A tool designed to streamline workflow and increase productivity is gaining rapid adoption across law firms. Future focused organizations across the industry are leveraging Microsoft Copilot (a chatbot that was developed as a next iteration of the discontinued Cortana) to harness the power of AI.  According to a Redr ..read more
Visit website
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549
Kraft Kennedy - Technology and Management Consulting
by Claire Evans
2M ago
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549 Issue Two vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). CVD-ID Description Pre-Requisites CWE CVSS CVE-2023-6548 Authenticated (low privileged) remote code execution on Management Interface Access to NSIP, CLIP or SNIP with management interface access CWE-94 5.5 CVE-2023-6549 Denial of Service Appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server CWE-119 8.2 ..read more
Visit website
Citrix Session Recording Security Bulletin for CVE-2023-6184
Kraft Kennedy - Technology and Management Consulting
by Claire Evans
2M ago
Citrix Session Recording Security Bulletin for CVE-2023-6184 Issue A vulnerability has been discovered in Citrix Session Recording, which, if exploited, may result in an authenticated user being able to perform an RCE. CVD-ID Description Pre-Requisites CWE CVSS CVE-2023-6184 An authenticated user can perform RCE Attacker must possess admin privileges to the Session Recording server CWE-913 5 Additional Information The following supported versions of Citrix Session Recording are affected by the vulnerability: Current Release (CR) Citrix Virtual Apps and Desktops before 2311 Long Term ..read more
Visit website
Citrix StoreFront Security Bulletin for CVE-2023-5914
Kraft Kennedy - Technology and Management Consulting
by Claire Evans
2M ago
Citrix StoreFront Security Bulletin for CVE-2023-5914 Issue A vulnerability has been discovered in Citrix StoreFront, which, if exploited, may result in a Cross-site scripting (XSS) attack. CVD-ID Description Pre-Requisites CWE CVSS CVE-2023-5914 Cross-site scripting (XSS) Requires victim to access an attacker-controlled link in the browserr CWE-79 5.4 Additional Information Affected Versions: The following supported versions of Citrix StoreFront are affected by the vulnerability: Current Release (CR) Citrix StoreFront before 2308.1 Citrix StoreFront before 2311 Long Term Service Rel ..read more
Visit website
Breaking Up is Hard to Do: 5 Reasons Law Firms Change IT Providers
Kraft Kennedy - Technology and Management Consulting
by Tracy
2M ago
Breaking Up is Hard to Do: 5 Reasons Law Firms Change IT Providers In the nonstop world of law firms, technology has become a business-critical component of operations. The depth and breadth of expertise required to deliver seamless, secure law firm technology has resulted in an industry wide shift to enlisting Managed Service Providers (MSPs) for IT Support. While outsourced IT Management is increasingly common, the client experience is not always popular; not all MSPs are created equal. It’s not uncommon to wish for a better technology experience (appreciation for time sensitive nature of th ..read more
Visit website
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 (Citrix Bleed)
Kraft Kennedy - Technology and Management Consulting
by Claire Evans
4M ago
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 (Citrix Bleed) Issue Additional action is recommended to address CVE-2023-4966, which is being called Citrix Bleed. Timeline October 10, 2023 – Citrix posted a security bulletin regarding CVE-2023-4966 and CVE-2023-4967 affecting NetScaler ADC and NetScaler Gateway. October 17, 2023 – Citrix updated the bulletin to indicate that exploits of CVE-2023-4966 on unmitigated appliances have been observed. October 18, 2023 – CISA added an entry for CVE-2023-4966 to it’s Known Exploited Vulnerabilities (KEV) catalog. October 23, 2 ..read more
Visit website
Microsoft Authenticator App Update
Kraft Kennedy - Technology and Management Consulting
by Claire Evans
4M ago
Update to Microsoft Authenticator App  In the past few weeks, the Kraft Kennedy Support Team received numerus reports of the Microsoft Authenticator App failing to send Authentication requests. It turns out this is an intentional change on the part of Microsoft.  For organizations using this form of Multi Factor Authentication, we’re sharing the instructions we are providing to users looking for the missing notifications.  If you find yourself waiting for an Authentication request that doesn’t arrive, open the Microsoft Authenticator app on your phone to locate the sign-in. Why ..read more
Visit website
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-4966 and CVE-2023-4967
Kraft Kennedy - Technology and Management Consulting
by Claire Evans
5M ago
Issue Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway). CVD-ID Description Pre-Requisites CWE CVSS CVE-2023-4966 Sensitive information disclosure Appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server CWE-119 9.4 CVE-2023-4967 Denial of service Appliance must be configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server CWE-119 8.2   Additional Information Affected Versions: The following supported versi ..read more
Visit website
Extended Security Updates (ESUs) for Windows Server 2012/R2 via Azure Arc
Kraft Kennedy - Technology and Management Consulting
by Tracy
5M ago
Extended Security Updates (ESUs) for Windows Server 2012/R2 via Azure Arc Windows Server 2012 and 2012R2 will reach End of Support on October 10, 2023. Ideally you’ll have all Win2012/R2 servers decommissioned, upgraded, or replaced by then, but if you find yourself in a situation where they have to remain running, and you need to ensure that the servers receive Extended Security Updates (ESUs), Azure Arc may be an easy option. Among other things, Azure Arc allows non-Azure VMs to be managed via the Azure portal. 3 steps for onboarding VMs and adding ESUs Run a script to onboard non-Azure VMs ..read more
Visit website
Risky Business: ChatGPT in the Workplace
Kraft Kennedy - Technology and Management Consulting
by Ricky Carr
7M ago
While AI platforms such as ChatGPT are transforming the way we communicate, learn, and do business, they also pose major security risks. ChatGPT aggregates data from various sources and uses that data to learn and improve. When you enter something into ChatGPT, it becomes part of the global ChatGPT knowledge base. If you enter sensitive information such as client data or trade secrets into ChatGPT, that information becomes openly available to all other ChatGPT users. In short – ChatGPT is not confidential. This is clearly untenable for businesses. At Kraft Kennedy, security is at the forefront ..read more
Visit website

Follow Kraft Kennedy - Technology and Management Consulting on FeedSpot

Continue with Google
Continue with Apple
OR