Clone Systems

Name: Clone Systems
Address: Philadelphia, PA, US
Telephone: +18004140321

Clone Systems has been securing businesses since 1998 and delivering PCI compliance as an ASV for 18 years.

We’re here to make security and compliance simple for your team.

06/19/2026

Work with an Approved Scanning Vendor you can trust.

Clone Systems provides PCI ASV approved scanning to help businesses identify vulnerabilities, meet PCI DSS scanning requirements, and stay ahead of security risk.

Whether you need PCI scanning for compliance or ongoing vulnerability visibility, our team helps make the process simple, reliable, and actionable.

Scan smarter. Stay secure.

06/19/2026

CVE Alert: Critical NGINX Open Source Flaws

F5 has released security updates for two critical NGINX Open Source vulnerabilities that could allow remote code ex*****on on affected systems.

• CVE-2026-42530 | CVSS 9.2
• CVE-2026-42055 | CVSS 9.2

The flaws impact certain NGINX configurations involving HTTP/3 QUIC, HTTP/2 proxying, and gRPC traffic.

Affected organizations should update to the latest fixed versions immediately. F5 also recommends disabling HTTP/3 for CVE-2026-42530 and adjusting affected header configuration settings for CVE-2026-42055 where patching cannot be completed right away.

Although active exploitation has not been reported, critical NGINX vulnerabilities can move quickly from disclosure to attack activity.

Patch now. Validate configurations. Monitor exposed systems.

06/18/2026

Is your online store PCI compliant?

Businesses that process payment card data may be required to run quarterly PCI vulnerability scans to help identify security weaknesses and maintain compliance.

Clone Systems provides PCI ASV approved scanning to help businesses uncover hidden risks, validate remediation, and stay on track with PCI DSS requirements.

Scan smarter. Stay secure.

https://www.clone-systems.com/pci-asv-scan-external-vulnerability-scanning/

06/18/2026

Threat Alert: DragonForce Abuses Microsoft Teams Relay Infrastructure

Threat actors linked to DragonForce ransomware have been observed using a custom Go-based RAT known as Backdoor.Turn to hide command-and-control traffic through Microsoft Teams relay infrastructure.

According to Symantec and Carbon Black, the malware used legitimate Microsoft TURN relay services so defenders would only see outbound traffic to Microsoft Teams servers.

Key details:

• Custom RAT: Backdoor.Turn
• Linked to DragonForce ransomware activity
• C2 traffic hidden through Microsoft Teams relay infrastructure
• Attackers reportedly remained in the environment for 1–2 months
• Capabilities include command ex*****on, network scanning, AD/LDAP search, lateral movement, and credential theft
• Activity also involved DLL side-loading and BYOVD techniques to evade security tools

This highlights a growing challenge for defenders: attackers are increasingly abusing trusted services to blend malicious traffic into normal business activity.

Organizations should review outbound traffic patterns, monitor for unusual Teams-related connections, investigate suspicious PowerShell activity, and validate endpoint controls against DLL side-loading and vulnerable driver abuse.

Trusted infrastructure does not always mean trusted activity.

06/17/2026

How often should your business run vulnerability scans?

Quarterly scanning is a good baseline, but it should not be treated as enough for every environment.

Public-facing systems, ecommerce websites, internal networks, and systems that change often may need monthly, after-change, or continuous scanning to stay ahead of risk.

A strong scanning schedule should include:

• Quarterly scans for baseline security and compliance
• Monthly scans for active public-facing environments
• Internal scans to identify risk inside the network
• Website scans after major updates
• Rescans after remediation to confirm fixes worked

Vulnerability scanning is not just about finding issues. It is about creating visibility, prioritizing risk, and fixing weaknesses before attackers can exploit them.

Read the full blog: https://www.clone-systems.com/how-often-should-you-run-vulnerability-scans/

06/17/2026

Trust matters most when customers are ready to buy.

Clone Systems Security Seals help businesses show customers they are verified, tested, and committed to security.

After passing a PCI scan, vulnerability scan, or pe*******on test, businesses can display a Clone Guard seal on their homepage, checkout page, or customer-facing site.

It is a simple way to show security credibility where it counts.

Pass a scan. Earn a seal. Show customers you’re secure.

06/17/2026

CVE Alert: Microsoft Defender Zero-Day

Microsoft has confirmed CVE-2026-50656, a Microsoft Defender zero-day publicly referred to as “RoguePlanet.”

The vulnerability is an elevation of privilege flaw in the Microsoft Malware Protection Engine and has been assigned a CVSS score of 7.8.

A public proof-of-concept reportedly abuses a race condition to gain SYSTEM-level privileges. Microsoft has confirmed it is developing a security update to address the issue.

Organizations should:

• Monitor Microsoft’s security update guidance
• Review endpoint activity for suspicious privilege escalation behavior
• Keep Defender components and security intelligence updated
• Validate patch deployment once released

Endpoint security tools are high-value targets. Treat Defender vulnerabilities as priority exposure.

06/16/2026

CVE Alert: Fortinet FortiSandbox

Attackers are reportedly exploiting three Fortinet FortiSandbox vulnerabilities:

• CVE-2026-39813 | CVSS 9.1
• CVE-2026-39808 | CVSS 9.1
• CVE-2026-25089 | CVSS 9.1

The flaws include path traversal and OS command injection issues that could allow unauthenticated attackers to bypass authentication or execute unauthorized commands through crafted HTTP requests.

Two of the vulnerabilities were patched in April 2026, while CVE-2026-25089 was patched last week.

Organizations using FortiSandbox, FortiSandbox Cloud, or FortiSandbox PaaS should apply the latest Fortinet updates immediately, review exposure, and monitor for suspicious activity.

Critical appliance vulnerabilities continue to be heavily targeted. Patch quickly and validate remediation.

06/15/2026

Expand your cybersecurity offering without building the infrastructure from scratch.

Clone Systems helps partners resell high-demand security services under their own brand, including PCI scanning, vulnerability scanning, and pe*******on testing.

You keep the customer relationship.
We provide the technology, team, and support behind the scenes.

Add trusted cybersecurity services. Build recurring revenue. Grow with Clone Systems.

https://www.clone-systems.com/white-label-pci-asv-scanning-custom-industries/

06/15/2026

Vulnerability Alert: Palo Alto Networks PAN-OS GlobalProtect

Palo Alto Networks has warned of active exploitation of CVE-2026-0257, an authentication bypass vulnerability affecting PAN-OS GlobalProtect portal and gateway components.

The flaw could allow an attacker to bypass security controls and establish unauthorized VPN connections.

According to Palo Alto Networks, exploitation has been observed in limited attacks, with initial activity reported on May 17, 2026. At this time, no post-access behavior or lateral movement has been identified.

Organizations using affected PAN-OS versions should:

• Apply the latest security updates immediately
• Review GlobalProtect logs for suspicious gateway-connected events
• Check for Palo Alto’s published indicators of compromise
• Validate exposure of GlobalProtect portals and gateways
• Confirm remediation status, especially if subject to CISA KEV requirements

VPN vulnerabilities remain a high-priority risk because they can provide direct access into corporate environments.

Address

Philadelphia, PA

Telephone

+18004140321

Website

https://www.clone-systems.com/

Alerts

Be the first to know and let us send you an email when Clone Systems posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Clone Systems

06/19/2026

06/19/2026

06/18/2026

06/18/2026

06/17/2026

06/17/2026

06/17/2026

06/16/2026

06/15/2026

06/15/2026

Address

Telephone

Website

Alerts

Shortcuts

Share

Category