Helient® Blog
Vulnerability in Duo’s Authentication Proxy Server Software
by Michael Trantas Senior Solutions Architect We would like to make our Duo customers aware of a recently discovered vulnerability in Duo’s Authentication Proxy server software. Under the “authproxy.cfg” configuration described below, attackers can exploit this vulnerability to bypass second factor authentication. While there is no evidence of this vulnerability being exploited in the field, […]
Aaron Silber Joins Helient Systems as Managing Director – Helient™ Expands NYC Branch
Helient Systems is pleased to announce that Aaron Silber has joined the company as a Managing Director responsible for regional operations throughout the greater New York City area. Aaron will focus his talents and expertise on expanding Helient’s services and consulting team in the region providing business and technical leadership implementing desktop and application virtualization […]
Important Reminder about Upcoming Clock Change
by Jamie Engelhard, Chief Technology Officer This is a reminder that Daylight Saving Time will end at 2:00 AM on Sunday, November 6th. This semiannual time change can cause major problems with VDI environments such as machine registration issues, session disconnects, and group policy failures. Whether using Citrix Provisioning Services, Citrix Machine Creation Services, or […]
Large Denial of Service Attack Affects Dyn
Reported by: William Fulmer, Chief Engineering Officer Overnight a large denial of service (DDoS) attack affected Dyn, a major DNS host. Level3 is also adversely affected. Remote access for some clients has been affected and this attack is believed to be the root cause. As of this morning the situation has not been fully resolved. […]
Microsoft Includes Windows 10 Anniversary Edition Update Version 1607
By Armen Gharibian, Desktop & Applications Architect Microsoft has included the Windows 10 Anniversary Edition (version 1607) update in this month’s Patch Tuesday cycle. Please be advised, this version should be tested thoroughly before being deployed in your environment. Do not forget to download and update your Group Policy ADM/ADMX files for version 1607 here. […]
Upgrading to iOS Version 9.3.5 — Why It’s So Important
By Michael Trantas, Senior Solutions Architect Apple recently released iOS version 9.3.5 and everyone should be updating – now. This update patches three specific vulnerabilities – CVE-2016-4655, CVE-2016-4656 and CVE-2016-4657. This trio of vulnerabilities, known as “Trident” can deliver and install Pegasus – malware that creates a backdoor, allowing an attacker a persistent presence on […]
Critical Zero-Day Vulnerability in Flash Player
by Mark Farish, Senior Systems Engineer Adobe Systems has released a security advisory for a critical zero-day vulnerability (CVE-2016-4171) that exists in Flash Player 21.0.0.242 and earlier versions, relevant on Windows, Macintosh, Chrome and Linux operating systems. Adobe plans to address the vulnerability in a security update, which Adobe expects to have available on June 16, […]
Support for Microsoft SQL Server 2005 Has Officially Ended
by Mike Trantas, Senior Solutions Architect April 12th, 2016 came and went without much fanfare. What you may not realize is that Microsoft’s mainstream support for SQL Server 2005 has officially ended. If your company currently uses SQL server 2005 in its environment, now is the time to discuss an upgrade and understand what […]
Daylight Savings Time & VDI Issues
by Jamie Engelhard, Chief Technology Officer With the Daylight Savings Time change this past weekend, Helient has been fielding a number of calls from clients experiencing issues with VDI machine registration, session disconnects, and group policy failures. Whether using Citrix Provisioning Services, Citrix Machine Creation Services, or VMware View Linked Clones, non-persistent machines revert […]
Spear Phishing: What Is It and How to Protect Yourself
by Mark Farish, Senior Systems Engineer What is Spear phishing (or email spoofing)? Emails that are deceptive – ones that visibly look like they are coming from an individual or a company but realistically are not. This malicious act of sending an email with a forged “from” address. The emails are made to appear as […]