Month: April 2021
Digital business transformation requires data engineering heroes
Most organizations intuitively realize that sound data management and data engineering practices are at the core of any digital business transformation practice. However, a survey of 150 IT professionals working for organizations with at least 4,000 employees published this week...
Cybersecurity Threat Advisory: Windows RPC Protocol RemotePotato0 Exploit
Threat Update A new privilege escalation vulnerability has been discovered inside of the Windows RPC protocol. This vulnerability, known as RemotePotato0, is a NTLM relay attack which could allow attackers to escalate their privileges from a normal User all the...
Healthcare is one of the most vulnerable verticals in 2021
Hackers view personal healthcare information as the holy grail of data, mining this data in exchange for currency on the dark web. HealthTech sounded this alarm in April of this year: As the attacks mature and get increasingly sophisticated, healthcare...
Cybersecurity Threat Advisory: Exchange Vulnerabilities Being Exploited by Botnet
Threat Update The botnet “Prometei”, discovered in 2020, has been targeting Exchange servers across the United States using the vulnerabilities recently targeted by HAFNIUM. Technical Detail & Additional Information WHAT IS THE THREAT? The Prometei botnet, previously used for mining...
MSPs focusing solely on tech support will not survive
Most MSPs are started by an engineer with a desire to provide people with tech support. You saw someone who needed help and figured “I can do that!” Maybe you worked for other IT support companies and decided you could...
Cybersecurity Threat Advisory: Trend Micro Security Vulnerability Exploited
Threat Update On April 21st, US-Japanese cybersecurity company Trend Micro disclosed that a threat actor are exploiting a known vulnerability in several of its antivirus products (Apex One, Apex One as a Service, OfficeScan XG SP1, Worry-Free Business Security, and...
Cybersecurity Threat Advisory: Over 1 Million Windows RDP Credentials Leaked
Threat Update Hacker group UAS has had 1.3 million RDP credentials for Windows servers leaked by security researchers. The compromised credentials could possibly allow a malicious actor to log into a compromised RDP server. It is imperative to keep best...
New eBook: 6 Can’t-Miss Opportunities for MSPs in 2021
MSPs face an unprecedented amount of exciting change and opportunities in 2021, as the world recovers from a global pandemic and the shifts in the workforce and cybersecurity landscapes that ensued because of it. The widespread emergence of 5G, AI,...
Cybersecurity Threat Advisory: SonicWall Zero-Day Vulnerabilities
Threat Update SonicWall, a security hardware manufacturer, has released patches to address a set of three zero-day vulnerabilities. These vulnerabilities affect both on-premises and hosted Email Security products. These vulnerabilities could allow for attackers to create administrative accounts, upload arbitrary...
Tech Time Warp: Introducing the Concept of a macro virus
As computer users learned from the Melissa virus, malware often arrives as a wolf in sheep’s clothing: a commonplace file such as a Word doc or Excel spreadsheet. But Melissa—the scourge of spring 1999—was not the first such “macro virus”...