January 2023 Newsletter
Welcome to the January 2023 edition of our Wertheim Global Solutions monthly newsletter! In this edition we will be reviewing some important information regarding security vulnerabilities in Content Server, the latest document and data breaches (including a phishing attack at DHL and a document leak at Metro Vancouver), as well as spotlighting one of our popular enhancement solutions for OpenText eDOCS, WincWall.
Welcome Stratesys!
A warm welcome and lots of good wishes to Stratesys on becoming part of our growing partner network! On behalf of all of us at WGSL we are happy and excited to work together towards our mutual success satisfying the needs of our clients.To contact Stratesys please email Luis Fernandez Sanguino Pena at luis.fernandezsanguino@stratgesys-ts.com or visit their website www.stratesys-ts.com.
Solution Spotlight- WincWall for eDOCS
WincWall is an automated utility that can be used to create and automatically enforce ethical walls and security barriers within OpenText eDOCS libraries. By monitoring all activity within a library, WincWall can check any new or updated documents against a centrally maintained rule set, applying appropriate security to individual documents as required. WincWall can be used to apply rules based on any piece, or combination of, validation data on the profile. This allows enhanced levels of compliance to be demonstrated, ensures client security requirements can be enforced, and dramatically reduces the need for internal training required to maintain a secure environment throughout your organization.WincWall supplies the ability to quickly, and cost effectively, set up a centralized security model that not only reduces risk, it also simplifies and standardizes the methods by which objects are secured. This can be used to demonstrate compliance to regulations such as HIPPA, Sarbanes Oxley (SOX), and the Market Abuse Directive (MAD), as well as maintain internal security rules such as ethical walls with minimal administrative overhead.
Click here for the WincWall Datasheet

Featured News
Critical Vulnerabilities in OT Enterprise Content Management System
Two critical pre-authentication vulnerabilities in the OpenText Extended ECM content management system were discovered, potentially allowing an attacker to gain remote code execution on vulnerable servers. Both vulnerabilities are now fixed in version 22.4, which OpenText released last week, although researchers at SEC Consult discovered the vulnerabilities and disclosed them to OpenText back in October.

One of the critical vulnerabilities could allow an unauthenticated attacker to execute arbitrary code using specially crafted requests, while the second critical flaw could allow an attacker to bypass authentication. Exploitation could ultimately lead to remote code execution. Sec Consult also identified five types of vulnerabilities in the Content Server component that can be exploited by authenticated attackers, which can be exploited to delete arbitrary files on the server, escalate privileges, obtain potentially valuable information, launch server-side request forgery (SSRF) attacks, and execute arbitrary code.

Metro Vancouver document leak allegedly perpetrated by disgruntled former contractors
A portion of confidential information that formed the basis for terminating Spanish-based Acciona’s contract, overseeing an over-budget $1-billion water treatment project, was allegedly shared with some members of the company by former employee Anika Calder, the daughter of Coquitlam’s city manager Peter Steblin. Court filings say that Steblin used the password and sign-in information for Coquitlam’s current mayor to access the confidential information in January 2022.  Acciona is currently engaged in a $250-million lawsuit claiming wrongful termination of its contract in North Vancouver, while Metro has launched a countersuit, alleging breaches of contract, misrepresentations, negligence, and bad faith that will cause damages of more than $500 million.

Recent document leaks in the news

Give Us a Try:
Translate »