News and Blog

CVE-2025-2783 is a high-severity zero-day vulnerability in Google Chrome that allows attackers to bypass the browser’s sandbox protection through a logical error at the intersection of Chrome’s security framework and the Windows operating system. This vulnerability enables remote code execution and system compromise.

Our partner, Arctic Wolf, has reported an ongoing campaign targeting websites across various industries with a fake CAPTCHA attack, where victims are presented with a challenge that ultimately leads to the loading of information stealer malware. We strongly encourage you to review the provided details and take appropriate measures to mitigate the associated risks.

When it comes to managing your business’s IT needs, choosing the right Managed Service Provider (MSP) can make all the difference. While large, national MSPs might have greater resources and reach, that scale often comes at a cost, both in hard dollars and approach. Patrick Boyd outlines some of the advantages a smaller MSP can offer.

New York, NY, February 12, 2025 — Cornerstone Information Technologies, LLC is recognized in CRN’s Managed Service Provider (MSP) 500 list in the Pioneer 250 category for 2025.

WATERLOO, ONTARIO and EDEN PRAIRIE, MINNESOTA – December 16, 2024 – Arctic Wolf® and BlackBerry Limited (NYSE: BB; TSX:BB), two global leaders in security software and services, today announced they have entered into a definitive agreement for Arctic Wolf to acquire BlackBerry’s Cylance® endpoint security assets. Cylance is the pioneer of AI-based endpoint protection trusted by thousands of organizations around the world. With this acquisition, Arctic Wolf ushers in a new era of simplicity, flexibility, and outcomes to the endpoint security market, delivering the security operations results customers have been asking for.

Join Cornerstone.IT & Arctic Wolf, ILTA technology leaders, for an engaging and informative session as we discuss the cybersecurity landscape and how to ensure you are being proactive with your firm’s security posture in 2025. As cyberattacks continue to evolve, it’s critical to understand the strategies bad actors use and how to protect sensitive client data and your firm’s reputation.

During this year’s Cybersecurity Awareness Month, we will explore the current landscape of online security threats, examine how individuals can safeguard themselves from potential breaches, and discuss strategies for organizations to empower their employees in defending against cyber-attacks.

The digital world is constantly evolving and some parts of it are scary. What can a firm or company do to protect itself when it seems like the barbarians are constantly at the proverbial gate? There are actually several basic steps you can do to protect your data and the data of your clients, not to mention your well-earned reputation.

As a law firm CIO or COO, planning your 2025 information technology budget involves anticipating future needs, addressing current challenges, and leveraging technology to enhance attorney productivity and security. Firms will need to continue to invest in their cloud migration and hybrid-work plans, but here are some other critical areas to focus on.

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges with Citrix Workspace application on Windows.

Interview with Jim Moreo with Jennie Azoulai (Legal Tech Publishing) at ILTACON 2024.

Whether you do them yourself or get some help, taking stock of your technology, your team’s skills and your processes is never a bad thing.  Many firms do them every few years as a self-check.  They help you identify gaps that need to be addressed and points the way to solutions that may not be evident until you see everything summarized in one place.

An unauthenticated attacker could repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution.

This issue, affecting computers running Microsoft Windows, underscores the importance of having a reliable Managed IT Services provider.

Two vulnerabilities have been discovered in NetScaler Console (formerly NetScaler ADM), NetScaler SVM, and NetScaler Agent. Sensitive information disclosure and Denial of Service.

To our prospective clients, choosing Cornerstone.IT means you’ll be partnering with an ISO-certified provider. Our services not only meet ISO standards, but we also strive to impart the benefits of these standards to your firm.

As we draw nearer to the introduction of iManage’s innovative Artificial Intelligence (AI) services at ConnectLive NYC, the anticipation is tangible. This groundbreaking initiative was a significant focus at the recent iManage partner conference.

Congratulations Arctic Wolf for being named a leader in the 2024 IDC MarketScape for Worldwide Managed Detection and Response report!

Cisco has released free software updates that address the vulnerabilities described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their Updates Channel.