Over the coming months, Microsoft will be publishing security updates related to Advisory ADV190023 that will significantly affect how LDAP can be used in a Microsoft Active Directory (AD) environment. In the first round of security patches scheduled for March 2020, logging will be enabled by default for insecure LDAP connections. In the second half of 2020 (so no earlier than July), insecure LDAP communications will be blocked. This will affect all external systems that make use of LDAP to synchronize and authenticate users.
Today a collection of five vulnerabilities affecting Cisco phones and switches has been published. These vulnerabilities, identified collectively as CDPwn by Armis, the security firm that discovered them present a significant risk in many enterprise environments. For most enterprise customers, the vulnerabilities affecting phones (CVE-2020-3111) and switches running NX-OS (CVE-2020-3119 and CVE-2020-3120) are the principle areas of concern.
Topics: CDPwn Vulnerabilities
Businesses cannot afford to stand still if they want to maintain their competitive advantage. Today’s success stories can suddenly become tomorrow’s has-beens if they fail to evolve. That’s why the cloud is so compelling – it provides companies with an ideal platform for change, not just at the operational level but also when it comes to strategy and decision-making.
It’s easy to see the upfront costs of traditional moves, adds, changes in Cisco’s Unified Communication applications. Time X Salary, right? That’s how we measure cost. But like the old story of the iceberg, where we only see 10% above water, 90% remains hidden underwater. There are always hidden costs that can surpass what we traditionally see as costs, and it’s these hidden costs that can sink ships.
On December 19th 2019, all Canadian carriers will have to comply with a new CRTC policy for the “universal blocking of calls with blatantly illegitimate caller identification.” The objective of this policy is to protect the public against unwanted, unsolicited, and illegitimate telecommunications. Since many such calls often display an invalid caller ID, the CRTC expects this measure to at least reduce the number of SPAM calls, although it is clear they will not be completely eliminated.