Latest Updates
ACT! Vulnerability
Posted by Andrew Smith on 21/04/22 08:50

Attention Act! Customer:

 

We recently became aware of a security vulnerability within Act! Pro, Act! Premium and Act! Growth Suite software that may make it easier for a threat actor to gain unauthorized access to your system. To address this vulnerability, updates are being made available for supported versions of Act!. View the Act! Support Obsolescence Policy.https://act.com/obsolescence-policy/

 

To ensure that this vulnerability is addressed, an update
Read more


Merry Christmas From Xperience
Posted by Andrew Smith on 22/12/21 15:27

The end of another year, and what a year 2021 has been!

 

We are delighted with what we have achieved this year. With Green Duck joining Xperience, we really are stronger together, and we are excited for what
Read more


Apache Log4j Update - Software
Posted by Andrew Smith on 14/12/21 15:50

Important -

With regards to Apache Log4j vulnerability we are currently in contact with our Software vendors to assess if they are impacted by this and if so what steps are needed to be taken. Once we have the information we will reach out where necessary to discuss next steps.

We have received notifications for the following Software from our vendors.

InforCRM - Uses Version 1 of Log4j - this is not affected by this vulnerability however in an abundance
Read more


Alert: Active scanning for Apache Log4j 2 vulnerability (CVE-2021-44228) 

A remote code execution vulnerability (CVE-2021-44228) is affecting multiple versions of the Apache Log4j 2 library. The NCSC is aware that scanning for this vulnerability has been detected in the UK and exploitation detected elsewhere.

Log4j 2 is an open-source Java logging library developed by the Apache Foundation. It is widely used in many applications and is
Read more


Microsoft Exchange Security Advisory (CVE-2021-26855)
Posted by Richard Kennedy on 03/03/21 10:04

Microsoft has identified that multiple Zero-Day vulnerabilities are currently being exploited in Microsoft Exchange. To mitigate the risk of exploitation, clients with public-facing Exchange Servers should prioritise the installation of software updates.

"Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access
Read more