Our Most Popular Managed Services

If you need help deciding what services are best for your business let us know.

VT Logo header logo wrap shape

VT Logo header logo wrap shape

Award-Winning Dallas-Fort Worth IT Services.

Questions? Call (817) 595-0111

inner banner overlay

VersaTrust Blog

VersaTrust has been serving the Texas area since 1997 , providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

VMware releases security patches

Sometimes technology solutions seem safer merely because they’re not widespread enough to be a lucrative target. Although increasingly popular, virtualization’s resilient protection protocols and low adoption rates tend to offset the cost vs. benefit considerations of creating an exploit. Or at least, that was the case. Late last month VMware announced an update to patch a gap that allowed attackers to compromise virtualized cloud infrastructures. We’ve compiled everything you need to know to protect yourself here.

Since its first software release in 2001, VMware has remained the leading provider of virtualization platforms, with most sources estimating double-digit leads in market share over the nearest competitor. By creating virtual environments stored on a network server or in a cloud environment, the company has given their clients the ability to create workstations, software, and even networks that can be utilized remotely. Fast forward to today, and VMware is working overtime to maintain its reputation by preempting software security vulnerabilities.

Obviously, when delivering any kind of specialized privileges over a network, adequate protection is of the utmost concern. In this case, two services for managing mobile clouds (vIDM and vRealize) were found to be vulnerable to exploits wherein users with minimal rights could cheat their way into full administrative privileges.

The security team at VMware elaborated that when executed in just one of the two services, this flaw would not be considered critical. However, when combined, it could pose an imminent threat to the security of your cloud infrastructure. To amend this oversight, ask your managed services provider or IT staff to update vIDM and vRealize to their most recent versions (2.7 and 7.1, respectively) as soon as possible. If this can’t be achieved in a realistic time frame, blocking port 40002 would act as a temporary workaround.

Sufficient security requires by-the-minute responses to the latest breaches and exploits. By partnering with us, you’ll never need to worry about checking in regarding patches or breaches you read about in the news. Instead, you’ll be hearing about them from us when we come around to install the updates. Choose the safe option -- contact us today with any of your virtualization needs or questions.

Published with permission from TechAdvisory.org. Source.

0 Comments
Continue reading

WordPress 4.5.3 fixes several security bugs

WordPress is one of the most popular and reliable content management systems on the market, and for this reason it is also one of the most frequently targeted platform for hackers. Websites that are running older versions of WordPress are often vulnerable to security breaches and data leaks. Seeking to correct a number of bugs, WordPress recently updated to version 4.5.3, a release that doesn’t provide much additional functionality but is highly recommended by the WordPress security team. Here’s what you need to know about their latest security update.

What’s new in WordPress 4.5.3?

The latest WordPress version includes fixes for more than two dozen critical vulnerabilities, including:
  • Redirect bypass in the WordPress customizer API
  • Two separate cross-scripting problems via attachment names
  • Information disclosure bug in revision history
  • Denial-of-service vulnerability in the oEmbed protocol
  • Unauthorized category removal from a post
  • Password change by stolen cookies
  • Some less secure sanitize_file_name edge cases
All vulnerabilities were found by members of the WordPress community. In addition to the security issues listed above, WordPress 4.5.3 fixes 17 maintenance issues from its predecessors 4.5, 4.5.1 and 4.5.2 (See full list).

WordPress update process

Many sites have an automatic background update, meaning that website admins will receive an email, confirming the update. If your website doesn’t support this feature, you can trigger manual updates by logging in to your WordPress dashboard and click on the ‘Please update now’ link, which is clearly visible on the top of the page.

Before you perform the update, however, we highly advise you to make a backup of your website. This is so that you can quickly restore your site in the event that something goes wrong. Once you have your backup ready, you can go ahead and update your site with the push of a button. Alternatively you can download WordPress 4.5.3 here and install it via File Transfer Protocol (FTP).

It’s important to update to the newest versions of WordPress to ensure that you have access to all of its functionalities and to keep your data and website visitors safe from potential security threats. Google will also demote websites that are running old versions of WordPress in its search results pages - all the more reason why you should regularly check for WordPress updates. If you have any questions about WordPress security, feel free to get in touch with our experts today.

Published with permission from TechAdvisory.org. Source.

0 Comments
Continue reading

How to manage virtualization security risks

When it comes to security, topics like the cloud and networks get wide coverage on Internet blogs and forums. However, other types of technology fly completely under the radar. Virtualization just so happens to fall into this category. And just because people aren’t talking about it doesn’t mean virtualized machines and infrastructure should be left unsecured. If you don’t have the right defense in place, you’re leaving your business vulnerable to hackers and cyber threats. Here are some of the major risks of insufficient virtualization security and a few methods to prevent them.

Security risks of virtualization

Complex infrastructure - much like the topic of virtualization itself, the infrastructure of a virtualization solution can oftentimes be confusing to small businesses. The extra layers of infrastructure complexity added by virtualization can make it more difficult to spot anomalies and unusual events happening in your virtual machines and network.

Dynamic design - the design of a virtualized environment is dynamic by nature and constantly changing. Unlike adding physical equipment, which is a bit of an event as you make room for it in your office and install it, the addition of virtual machines can go almost completely unnoticed as they’re created in a matter of minutes and aren’t visible in your workspace. The danger here is the age old adage, “out of sight out of mind.” And if you add too many, they can easily become difficult to manage and secure, creating security holes in the process.

Quick moving workloads - as your virtualized infrastructure grows, there will come a time when you need to move workloads from one machine to another. While this may sound harmless enough, the real issue is that your virtual machines will likely require different levels of security. And when you’re juggling multiple workloads over multiple virtual machines, you may accidentally move mission critical workloads to a machine with a low level security, creating a security hole in the process.

How to mitigate risks

While these three risks may sound alarming, they can all be mitigated. The key behind effectively securing your virtual machines all comes down to process. Put some thought into your security processes and then implement them. Here are a few areas to cover:
  • Organization - decide how and where to separate your test, development and production virtual machines.
  • Audit - develop a system to regularly audit your virtual machine security. Whenever possible, use tools to automate your security checks, balances and processes.
  • Patches - Perform regular security patch maintenance, and create a schedule to ensure your patches are up-to-date for all virtual machines.
  • Overflow management - When you have so many virtual machines they’re hard to track, you need a system in place to monitor them. So be aware of what each virtual machine is used for, and manage it accordingly. While doing this, find ways to consolidate machines whenever possible and get rid of the ones under utilized.
  • Responsibility - to ensure the security of your virtual machines doesn’t slip through the cracks, designate one IT technician or manager to be responsible for it.
If you prioritize security of your virtual machines and properly manage them, security can truly be a non-issue. If you’d like additional assistance with your virtualized infrastructure or would like to implement a new virtualization solution, give us a call today.
Published with permission from TechAdvisory.org. Source.

0 Comments
Continue reading