Identified - Microsoft has recently disclosed critical vulnerabilities in several on-premises versions of Microsoft Exchange (Exchange Online/O365 is not impacted) that are actively being exploited, with already over 30,000 known compromised machines globally.
Exploitation of these vulnerabilities is widespread and indiscriminate, and threat actors could exploit these vulnerabilities to compromise networks and steal information, perpetrate social engineering fraud, or encrypt data for ransom.
Pulsant is aware that you may be have had a vulnerable version of Microsoft Exchange in your environment. There is evidence to indicate that the vulnerability existed long before the patch was made available from Microsoft and therefore the vulnerability MAY already have been compromised in your infrastructure prior to patching being applied.
According to Microsoft, these are the affected versions are:

• Microsoft Exchange Server 2010 RU31 for Service Pack 3
• Microsoft Exchange Server 2013 CU 23
• Microsoft Exchange Server 2016 CU 18, CU 19
• Microsoft Exchange Server 2019 CU 7, CU 8

These vulnerabilities can be exploited remotely if a threat actor locates a vulnerable server.

Recommendation
Pulsant recommends that our clients take all necessary measures to mitigate against this vulnerability. Please be aware that simply updating/patching your version of Microsoft Exchange may not fully remediate the threat posed by this exploit. It is recommended to follow the guidance from Microsoft.
The recommended steps are noted below:
1. If you have the capability, follow the guidance in CISA Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities to create a forensic image of your system.
2. Check for indicators of compromise (IOCs) by running the Microsoft IOC Detection Tool for Exchange Server Vulnerabilities.
3. Immediately update all instances of on-premises Microsoft Exchange that you may have.
4. If you are unable to immediately apply updates, follow Microsoft’s alternative mitigations in the interim. Note: these mitigations are not an adequate long-term replacement for applying updates; organisations should apply updates as soon as possible.
If you have been compromised, follow the guidance in CISA Alert AA21-062A. For additional incident response guidance, see CISA Alert AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity. Note: Responding to IOCs is essential to evict a threat
5. actor from your network and therefore needs to occur in conjunction with measures to secure the Microsoft Exchange environment.

In addition, Microsoft has released a new, one-click mitigation tool, Microsoft Exchange On-Premises Mitigation Tool to help customers who do not have dedicated security or IT teams to apply these security updates.

For additional information about these vulnerabilities or any assistance you may require with regards to the above then please contact Pulsant Service Desk.

It is recommended that clients migrate to O365 at the earliest opportunity, if this is an area that Pulsant can assist then please contact your Account Manager at your earliest convenience.
Mar 3, 11:23 GMT
Identified - On March 10th, 2021, F5 announced four critical CVEs, along with three related CVEs (two high and one medium).

The seven (7) related vulnerabilities are as follows:

K03009991: iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986
The iControl REST interface has an unauthenticated remote command execution vulnerability.

CVSS score: 9.8 (Critical)

K18132488: Appliance Mode TMUI authenticated remote command execution vulnerability CVE-2021-22987
When running in Appliance mode, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages.

CVSS score: 9.9 (Critical)

K70031188: TMUI authenticated remote command execution vulnerability CVE-2021-22988
TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages.

CVSS score: 8.8 (High)

K56142644: Appliance mode Advanced WAF/ASM TMUI authenticated remote command execution vulnerability CVE-2021-22989
When running in Appliance mode with Advanced WAF or BIG-IP ASM provisioned, the TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages.

CVSS score: 8.0 (High)

K45056101: Advanced WAF/ASM TMUI authenticated remote command execution vulnerability CVE-2021-22990
On systems with Advanced WAF or BIG-IP ASM provisioned, the TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages.

CVSS score: 6.6 (Medium)

K56715231: TMM buffer-overflow vulnerability CVE-2021-22991
Undisclosed requests to a virtual server may be incorrectly handled by the Traffic Management Microkernel (TMM) URI normalization, which may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may theoretically allow bypass of URL based access control or remote code execution (RCE).

CVSS score: 9.0 (Critical)

K52510511: Advanced WAF/ASM buffer-overflow vulnerability CVE-2021-22992
A malicious HTTP response to an Advanced WAF/BIG-IP ASM virtual server with Login Page configured in its policy may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may allow remote code execution (RCE), leading to complete system compromise.

CVSS score: 9.0 (Critical)

More information is available on the following page. https://support.f5.com/csp/article/K02566623

Pulsant are working to mitigate any risk and apply appropriate patching where applicable.

Pulsant recommends that all customers who manage their own load balancers refer to the guidance detailed in the links above.
Mar 12, 10:08 GMT
Identified - Advisory ID:
VMSA-2021-0002

Issue Date:
2021-02-23

Synopsis:
VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)

1. Impacted Products

VMware ESXi
VMware vCenter Server (vCenter Server)
VMware Cloud Foundation (Cloud Foundation)
2. Introduction

Multiple vulnerabilities in VMware ESXi and vSphere Client (HTML5) were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

Pulsant are taking steps to work with customers affected by this to resolve or mitigate risk.

More information available here https://www.vmware.com/security/advisories/VMSA-2021-0002.html


Pulsant recommends that all customers who manage their own , follow the guidance detailed in https://www.vmware.com/security/advisories/VMSA-2021-0002.html
Feb 25, 10:34 GMT

About This Site

We are the UK’s leading colocation and cloud infrastructure provider.

We provide colocation and cloud infrastructure services from our 10 regional data centres, including integration and management of public cloud, with a core focus on availability, security and connectivity.

Business Continuity Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Newcastle Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Reading Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Veeam) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Veeam) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Disaster Recovery Operational
90 days ago
100.0 % uptime
Today
Data Centre Services Operational
90 days ago
99.99 % uptime
Today
Edinburgh Medway Operational
90 days ago
100.0 % uptime
Today
Edinburgh Newbridge Operational
90 days ago
99.94 % uptime
Today
Edinburgh South Gyle Operational
90 days ago
100.0 % uptime
Today
Glasgow Operational
90 days ago
100.0 % uptime
Today
Maidenhead Operational
90 days ago
100.0 % uptime
Today
Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Newcastle East Operational
90 days ago
100.0 % uptime
Today
Reading Operational
90 days ago
100.0 % uptime
Today
Sheffield Operational
90 days ago
100.0 % uptime
Today
South London Operational
90 days ago
100.0 % uptime
Today
Managed Cloud Operational
90 days ago
99.99 % uptime
Today
Azure Operational
90 days ago
100.0 % uptime
Today
AWS Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Newcastle East Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Reading Operational
90 days ago
100.0 % uptime
Today
Managed Office 365 Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Newcastle East Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Reading Operational
90 days ago
100.0 % uptime
Today
Cloud Desktop Milton Keynes Operational
90 days ago
99.95 % uptime
Today
Cloud Desktop Edinburgh Operational
90 days ago
100.0 % uptime
Today
Email Security Services Operational
90 days ago
100.0 % uptime
Today
Managed Networks Operational
90 days ago
99.96 % uptime
Today
Cloud Connect Operational
90 days ago
100.0 % uptime
Today
Maidenhead Operational
90 days ago
100.0 % uptime
Today
Medway Operational
90 days ago
100.0 % uptime
Today
Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Newcastle Operational
90 days ago
100.0 % uptime
Today
Newbridge Operational
90 days ago
99.89 % uptime
Today
Reading Operational
90 days ago
100.0 % uptime
Today
South Gyle Operational
90 days ago
99.98 % uptime
Today
South London Operational
90 days ago
100.0 % uptime
Today
South Yorkshire Operational
90 days ago
100.0 % uptime
Today
Leased Lines Operational
90 days ago
100.0 % uptime
Today
xDSL Services Operational
90 days ago
100.0 % uptime
Today
IP Transit Operational
90 days ago
100.0 % uptime
Today
Data Centre Failover Operational
90 days ago
100.0 % uptime
Today
Content Delivery Network (CDN) Operational
90 days ago
100.0 % uptime
Today
Cloud Fabric Operational
90 days ago
100.0 % uptime
Today
Data Centre Connect Operational
90 days ago
100.0 % uptime
Today
Metro Connect Operational
90 days ago
100.0 % uptime
Today
Optical Connect Operational
90 days ago
99.01 % uptime
Today
Managed Security Operational
90 days ago
100.0 % uptime
Today
Cloud Protect Operational
90 days ago
100.0 % uptime
Today
DDoS Protect Operational
90 days ago
100.0 % uptime
Today
Threat Intelligence Alert Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Major outage
Partial outage
No downtime recorded on this day.
No data exists for this day.
had a major outage.
had a partial outage.