US-CERT: A Free Resource for Vulnerability Information

Btech is the market leader in providing affordable managed IT security services for credit unions.

Is Your Network At Risk?

The United States Computer Emergency Readiness Team (US-CERT) routinely "provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and technology (NIST) National Vulnerability Database (NVD)."

The US-CERT website is one of many resources Btech relies upon to be up to date on vulnerabilities and current security issues.

Is your network patch status currently up to date? If you are a current Btech Patch Management client, you are!

With a Btech Patch Management Service agreement in place, we will make sure that patches are deployed to all workstations and servers. We also provide our clients with detailed reports on the patch status of all systems.

Frequent Vulnerability Assessments are another important tool available to you. With our Vulnerability Assessment Service, Btech regularly analyzes your environment to discover any new vulnerability, report on it, and provide you with the information on how to correct the vulnerability.

What Type of Information Does the US-CERT Provide?

Below is a sample of High Risk Vulnerabilities with a CVSS rating of 10.0 reported. Please click here for further information, including detailed descriptions, of all severity types for the week ending July 31, 2017.

"The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System ( CVSS ) standard. The division of high, medium, and low severities correspond to the following scores:

High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9"

Vendor -- Product	Description	Published	CVSS Score	Source & Patch Info
cisco -- dpc3939_firmware	The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to execute arbitrary commands as root by leveraging local network access and connecting to the syseventd server, as demonstrated by copying configuration data into a readable filesystem.	7/30/17	10	CVE-2017-9479
cisco -- dpc3939_firmware	The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to obtain root access to the Network Processor (NP) Linux system by enabling a TELNET daemon (through CVE-2017-9479 exploitation) and then establishing a TELNET session.	7/30/17	10	CVE-2017-9482
cisco -- dpc3939_firmware	The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows Network Processor (NP) Linux users to obtain root access to the Application Processor (AP) Linux system via shell metacharacters in commands.	7/30/17	10	CVE-2017-9483
trendmicro -- officescan	Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the tr parameter within Proxy.php. Formerly ZDI-CAN-4543.	8/3/17	10	CVE-2017-11393

Need Help With Your Credit Union's IT Security?

Btech is the market leader in providing affordable managed IT security services

for credit unions.

Since 1989, Btech has worked to develop and implement valuable services to help

improve security and meet compliance requirements for our clients.

What we do:

Check out our full list of services HERE.

How Secure Are Your Vendors?

Have you ever thought to yourself, "how secure are my vendors?"

You rely on many vendors to provide a long list of services to your credit union and your members. These vendors are critical to your operations. But, are they secure?

Btech is proud of the fact that we are SSAE-16 certified. (SOC2 Type II). We also make it easy to work with us by providing a complete vendor due-diligence package to all of our service agreement clients.

Testimonial

"Since 2007, Santa Ana Federal Credit Union has trusted Btech for our network environment upgrades and their reliable managed security services. Btech has proven itself a rapid responder to our needs time and again; considering we have no in-house IT for day to day activities, it is clear how important their response times are to our operations. In order to keep up with changes in technology, we have implemented Btech's Mobile Device Management service in order to protect our members' personal information, as well as meet regulatory guidelines. We would recommend Btech to any credit union looking for assistance with their network security and operational needs".

John Hendrix

CFO

Santa Ana Federal Credit Union

Find more testimonials HERE

Please call us today to discuss any needs that you may have or to learn more about Btech.

Sincerely,

Lee Bird

President

[email protected]

626-397-1045

See what's happening on our social sites: