My Pulsant
Update - Pulsant are working with the circuit provider to mitigate any further occurrence and have escalated to their vendor. Services continue to remain stable.
Nov 23, 2022 - 14:23 GMT
Nov 23, 2022 - 14:23 GMT
Update - We are continuing to work on a fix for this issue.
Nov 23, 2022 - 14:18 GMT
Nov 23, 2022 - 14:18 GMT
Identified - Pulsant is continuing to investigate root cause with our supplier. Services continue to remain stable.
Nov 23, 2022 - 11:21 GMT
Nov 23, 2022 - 11:21 GMT
Investigating - Pulsant are investigating a brief Network interruption at approx 08:15 on 23rd November 2022. Whilst service has restored, further investigation to root cause is ongoing.
Nov 23, 2022 - 08:52 GMT
Nov 23, 2022 - 08:52 GMT
Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516
Subscribe
Investigating - Pulsant are aware of the Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516.
For the up-to-date information, please visit -
https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516
Nov 10, 2022 - 19:46 GMT
For the up-to-date information, please visit -
https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516
Nov 10, 2022 - 19:46 GMT
Update - Microsoft has released their November 2022 security update for Exchange Server, which includes fixes for this zero-day vulnerability. (CVE-2022-41040 and CVE-2022-41082)
Pulsant urge our clients to review the information on the Microsoft download page, and install this critical fix for all of your Microsoft Exchange Servers. https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-november-8-2022-kb5019758-2b3b039b-68b9-4f35-9064-6b286f495b1d
For Pulsant Managed clients, we will be in contact shortly to schedule the update.
Nov 10, 2022 - 11:22 GMT
Pulsant urge our clients to review the information on the Microsoft download page, and install this critical fix for all of your Microsoft Exchange Servers. https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-november-8-2022-kb5019758-2b3b039b-68b9-4f35-9064-6b286f495b1d
For Pulsant Managed clients, we will be in contact shortly to schedule the update.
Nov 10, 2022 - 11:22 GMT
Update - We are continuing to work on a fix for this issue.
Oct 05, 2022 - 09:54 BST
Oct 05, 2022 - 09:54 BST
Update - Overnight, Microsoft have updated their recommendations and stated that the revised regex should be applied.
Follow this link for official MS guidance:
https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Sep 30, 2022 - 12:31 BST
Follow this link for official MS guidance:
https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
Sep 30, 2022 - 12:31 BST
Update - Microsoft have now publicly acknowledged the zero-day, and are supplementing the URL rewrite remediation step with a second recommendation.
Authenticated attackers who can access PowerShell Remoting on vulnerable Exchange systems will be able to trigger remote code injection using CVE-2022-41082. Blocking the ports used for Remote PowerShell can limit these attacks.
HTTP: 5985
HTTPS: 5986
Pulsant recommend adding this to any remediation action. The PowerShell port blocking should only need to be done for inbound requests going to the Exchange server infrastructure.
Sep 30, 2022 - 12:25 BST
Authenticated attackers who can access PowerShell Remoting on vulnerable Exchange systems will be able to trigger remote code injection using CVE-2022-41082. Blocking the ports used for Remote PowerShell can limit these attacks.
HTTP: 5985
HTTPS: 5986
Pulsant recommend adding this to any remediation action. The PowerShell port blocking should only need to be done for inbound requests going to the Exchange server infrastructure.
Sep 30, 2022 - 12:25 BST
Update - We are continuing to monitor the situation
Sep 30, 2022 - 12:23 BST
Sep 30, 2022 - 12:23 BST
Identified - Pulsant Cyber Security have become aware of a zero-day vulnerability affecting MS Exchange Servers (On Premise). As a zero-day vulnerability, there is no available vendor patch at this time.
**UPDATE 31/10/2022 WORK AROUND NO LONGER VALID** As a temporary workaround (until patches are released), clients may wish to add an IIS (internet information services) server rule to temporarily block exploitation attempts via the URL rewrite rule module.
1. In Autodiscover at FrontEnd, select tab URL Rewrite, and then Request Blocking.
2. Add string “.*autodiscover\.json.*\@.*Powershell.*“ to the URL Path.
3. Condition input: Choose {REQUEST_URI}
Once patches are released from Microsoft, it is recommended that a patch is applied without delay.
Pulsant Cyber Security will continue to closely monitor this situation and provide updates.
Useful Links: https://www.automox.com/blog/zero-day-microsoft-exchange
Sep 30, 2022 - 12:22 BST
**UPDATE 31/10/2022 WORK AROUND NO LONGER VALID** As a temporary workaround (until patches are released), clients may wish to add an IIS (internet information services) server rule to temporarily block exploitation attempts via the URL rewrite rule module.
1. In Autodiscover at FrontEnd, select tab URL Rewrite, and then Request Blocking.
2. Add string “.*autodiscover\.json.*\@.*Powershell.*“ to the URL Path.
3. Condition input: Choose {REQUEST_URI}
Once patches are released from Microsoft, it is recommended that a patch is applied without delay.
Pulsant Cyber Security will continue to closely monitor this situation and provide updates.
Useful Links: https://www.automox.com/blog/zero-day-microsoft-exchange
Sep 30, 2022 - 12:22 BST
Cyber Threat Intelligence: Active exploitation attempts targeting Cisco AnyConnect Client for Windows. (CVE-2020-3153 & CVE-2020-3433)
Subscribe
Investigating - Pulsant is aware of this ongoing vulnerability and investigating. Regular updates to follow.
For the most up to date information, visit -
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj
https://thehackernews.com/2022/10/hackers-actively-exploiting-cisco.html
Oct 27, 2022 - 10:08 BST
For the most up to date information, visit -
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-win-path-traverse-qO4HWBsj
https://thehackernews.com/2022/10/hackers-actively-exploiting-cisco.html
Oct 27, 2022 - 10:08 BST
About This Site
We are the UK’s leading colocation and cloud infrastructure provider.
We provide colocation and cloud infrastructure services from our 10 regional data centres, including integration and management of public cloud, with a core focus on availability, security and connectivity.
Business Continuity
Operational
Cloud Backup (Asigra) Edinburgh
Operational
Cloud Backup (Asigra) Milton Keynes
Operational
Cloud Backup (Asigra) Newcastle
Operational
Cloud Backup (Asigra) Reading
Operational
Cloud Backup (Veeam) Edinburgh
Operational
Cloud Backup (Veeam) Milton Keynes
Operational
Disaster Recovery
Operational
Data Centre Services
Operational
Edinburgh Medway
Operational
Edinburgh Newbridge
Operational
Edinburgh South Gyle
Operational
Glasgow
Operational
Maidenhead
Operational
Manchester
Operational
Milton Keynes
Operational
Newcastle Central
Operational
Newcastle East
Operational
Reading
Operational
Sheffield
Operational
South London
Operational
Managed Cloud
Operational
Azure
Operational
AWS
Operational
Cloud Storage Edinburgh
Operational
Cloud Storage Milton Keynes
Operational
Cloud Storage Newcastle Central
Operational
Cloud Storage Newcastle East
Operational
Cloud Storage Reading
Operational
Managed Office 365
Operational
Pulsant Enterprise Cloud (PEC) Edinburgh
Operational
Pulsant Enterprise Cloud (PEC) Milton Keynes
Operational
Pulsant Enterprise Cloud (PEC) Newcastle Central
Operational
Pulsant Enterprise Cloud (PEC) Newcastle East
Operational
Pulsant Enterprise Cloud (PEC) Reading
Operational
Cloud Desktop Milton Keynes
Operational
Cloud Desktop Edinburgh
Operational
Email Security Services
Operational
Managed Networks
Operational
Cloud Connect
Operational
Maidenhead
Operational
Medway
Operational
Milton Keynes
Operational
Newcastle
Operational
Newbridge
Operational
Reading
Operational
South Gyle
Operational
South London
Operational
South Yorkshire
Operational
Leased Lines
Operational
xDSL Services
Operational
IP Transit
Operational
Data Centre Failover
Operational
Content Delivery Network (CDN)
Operational
Cloud Fabric
Operational
Data Centre Connect
Operational
Metro Connect
Operational
Optical Connect
Operational
Managed Security
Operational
Cloud Protect
Operational
DDoS Protect
Operational
Threat Intelligence Alert
Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Major outage
Partial outage
No downtime recorded on this day.
No data exists for this day.
had a major outage.
had a partial outage.