Month: March 2022
The important role MSPs play in keeping the data center safe
Data is currency to hackers. “For a hacker, there’s no difference between a stack of $50 bills and a bunch of unguarded PHI (personal health information) or credit card numbers,” says Phil Jefferson, an independent cybersecurity consultant in Fort Worth,...
Spear-phishing report: Social engineering and growing complexity of attacks
As cybercriminals step up social engineering attacks against employees at small businesses, organizations of all sizes need to be prepared for spear-phishing attacks. Between January 2021 and December 2021, Barracuda researchers analyzed millions of spear-phishing and social engineering attacks impacting mailboxes at thousands of organizations. They share...
Tech Time Warp: First domain name registered in 1985
File this away for your next pub quiz: The first domain name ever registered was Symbolics.com, registered on March 15, 1985, by Symbolics Computer Corporation, a company that specialized in single-user machines running the LISP programming language. For this week’s...
Cybersecurity Threat Advisory: “TLStorm” vulnerability found in APC Smart-UPS devices
The security firm Armis has located three vulnerabilities in Schneider Electric’s APC Smart-UPS devices. These flaws are being tracked under the name “TLStorm.” This vulnerability can enable remote attackers to control the power of millions of enterprise devices to conduct...
Cybersecurity Threat Advisory: Dirty pipe Linux vulnerability provides privilege escalation
Security researchers have discovered and released information on new vulnerabilities and kernel level exploits to the public. The vulnerabilities: CVE-2022-049 and CVE-2022-0847 are some of the highest severity exploits and affect out-of-date Linux distros. Due to the similarities with the...
Does Blockchain fit in with being an MSP?
Mention Blockchain and most people’s minds jump straight to cryptocurrencies. In many cases, the second thought that comes to mind is massive resource requirements. Cryptocurrencies are built on top of blockchains – and it is the mining activity to solve...
Cybersecurity Threat Advisory: RCE in Okta Advanced Server Access Client
Threat Update The Okta Advanced Server Access Windows client is vulnerable to an unauthenticated remote code execution vulnerability. Thousands of companies rely on Okta to provide zero-trust identity and access management for cloud and on-premises infrastructure. This vulnerability can be...
Pioneers in Tech: Annie Easley, “human computer” to diversity champion
As we transition from Black History Month to Women’s History Month, it’s hard to think of a more inspiring group of technology pioneers than the Black women who worked as “human computers” at NASA. Only a few of their stories...
MSPs should emphasize securing Guest User Accounts within SaaS apps
Guest User Accounts that SaaS application providers make available to organizations, are becoming a major security issue that managed service providers (MSPs) are arguably in the best position to resolve. A report published this week by SaaS Alerts, a provider...
Beware the toads
It is nearly Spring, and as the weather turns warm, one must watch out for TOADS. No, not the kind that catches flies and hops into ponds. These TOADS are more sophisticated, standing for Telephone Oriented Attack Delivery (TOAD). There...