Helient® Blog

Upcoming Mandatory Changes for Microsoft Authenticator App

By Gregory Hall Senior Cloud Architect Systems Engineering Administrators can now prevent accidental Multifactor Authentication (MFA) approvals in Microsoft Authenticator with number matching, location context, and application context. The uptick in MFA fatigue attacks has resulted in the need for organizations to review, adopt, and enforce security best practices. In the process of protecting Azure […]

Read more >

Cisco SNMP Remote Code Execution Vulnerabilities

By Daniel Ruiz Practice Lead, Network Infrastructure The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to execute code remotely on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a […]

Read more >

Transport-Based Enforcement System in Exchange Online

                by Jeyakumar Durai (JD) Cloud Architect Microsoft is enabling a transport-based enforcement system in Exchange Online that will eventually block emails from unsupported and unpatched Exchange servers. The Enforcement system will run in Report mode for 30 days before it starts to throttle the emails progressively and […]

Read more >

Microsoft Mitigates Outlook Elevation of Privilege Vulnerability

by Jeyakumar Durai (JD) Cloud Architect Microsoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for New Technology LAN Manager (NTLM) credential theft. Microsoft has released CVE-2023-23397 to address a critical elevation of privilege (EoP) vulnerability affecting Microsoft Outlook clients that connect to both an on-premises Exchange […]

Read more >

Daylight Saving Time Alert – Important Reminder About Upcoming Clock Change

by Christopher Garcia Practice Lead – Desktop & Applications This is a reminder that Daylight Saving Time Begins at 2:00 AM (EST) on Sunday, March 12th. This semi-annual time change can cause major problems with VDI environments such as machine registration issues, session disconnects, and group policy failures. Whether using Citrix Provisioning Services, Citrix Machine […]

Read more >

Citrix Announces New CVAD VDA Security Vulnerability

by Daniel Ruiz Practice Lead, Network Infrastructure On February 14th, 2023, Citrix announced new Citrix Virtual Apps and Desktops Windows VDA vulnerability. If exploited, it could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Windows VDA.       Helient recommends that customers upgrade to the latest version of […]

Read more >

Upgrade Alert: Citrix NetScaler 12.1 Firmware No Longer Supported After May 2023

Citrix has recently shared important updates regarding the End of Maintenance and End of Life dates for version 12.1 of the Citrix ADC(NetScaler). Starting from May 2023, customers using version 12.1 firmware will no longer be eligible for technical support. If you would like more information or assistance from our industry-leading team of Citrix experts […]

Read more >

Helient Prepares Organization For Next Phase of Growth

January 2023, Philadelphia, PA – Helient Systems LLC (Helient) announces organizational changes to prepare the company for the next phase of growth. Helient has grown organically since inception serving Am 100 & 200 Law Firms. Founded by Steve Hatch and James Engelhard in 2012, Helient was designed to bring together top talent and experience to […]

Read more >

New Exploit Bypasses the URL Rewrite Mitigations in Exchange Servers

by Jeyakumar Durai (JD) Cloud Architect Exchange administrators are aware of the Zero-day vulnerabilities CVE-2022-41040, Server-Side Request Forgery (SSRF) and CVE-2022-41082, Remote Code Execution (RCE)  that were reported on September 29, 2022. Responding to these vulnerabilities, Microsoft initially released couple of immediate mitigations (URL Rewrite rule and Disable remote PowerShell access for non-admins) to be performed […]

Read more >

Citrix Announces New Vulnerabilities in Citrix ADC & Citrix Gateway (NetScalers)

by Daniel Ruiz Practice Lead, Citrix Technologies     Citrix announced new vulnerabilities discovered in Citrix ADC and Citrix Gateway. These vulnerabilities have the following identifiers:         Affected versions of Citrix ADC and Citrix Gateway: (Citrix ADC and Citrix Gateway version 13.1 is unaffected.) Citrix ADC and Citrix Gateway 13.0 before 13.0-58.32 […]

Read more >