Month: September 2022
Cybersecurity Threat Advisory: New Microsoft Exchange Server zero-day vulnerability
Researchers from GTSC found a new zero-day vulnerability for Microsoft Exchange Server in the wild. Upon successful exploitation, threat actors can perform RCE (Remote Code Execution) via a backdoor onto the compromised system. GTSC has released a report outlining the...
Cybersecurity Threat Advisory: Zoho ManageEngine RCE bug
A critical Zoho ManageEngine Remote Code Execution (RCE) flaw is being actively exploited according to The US Cybersecurity and Infrastructure Security Agency (CISA). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Password Manager Pro, PAM360 and...
Tech Time Warp: Cybersecurity Awareness Month turns 18
Cybersecurity is finally of age—as an awareness month, anyway. Oct. 1 marks the start of the 18th annual Cybersecurity Awareness Month organized by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA).
Cloud-native security is becoming a bigger concern
For some time now, containers as a new type of software artifact that are foundational to cloud-native applications have been appearing more frequently in production environments. Initially, most of those applications were built by sophisticated developers but as the value...
Cybersecurity Threat Advisory: Sophos Firewall critical vulnerability
Sophos has identified a remote code execution vulnerability tracked as CVE-2022-3236. This vulnerability affects the User Portal and Webadmin components of Sophos Firewalls. Upon a successful exploitation, a threat actor can gain root privileges and deploy a ransomware attack. Barracuda...
CISA warns industrial clients are vulnerable
MSPs with industrial clients in their portfolios have a set of security issues that often differ from other verticals, and each vertical brings its own baggage. With healthcare clients, for example, it’s PHI and HIPAA regulations. With finance clients, there...
Barracuda Web Application Firewall named a Strong Performer by independent research firm
We’re proud to share the news that Barracuda Web Application Firewall (WAF) has been named a Strong Performer in “The Forrester Wave™: Web Application Firewalls, Q3 2022.” Forrester’s detailed analysis of products and services says WAF customers should look for...
Cybersecurity Threat Advisory: Phishing attacks targeting GitHub accounts
GitHub alerted the public that there is an ongoing phishing campaign that is targeting its users by impersonating CircleCI continuous integration and delivery platform. These phishing attacks are designed to steal the targeted user’s account credentials and authentication codes. A...
David Kern, one of the 100 people you don’t know but should
CRN®, a brand of The Channel Company, recently announced their ‘100 People You Don’t Know But Should’ list for 2022. Barracuda MSP is honored to share that one of our very own, David Kern, Regional Manager of Partner Success, earned...
Tech Time Warp: District judge rules that computer code is protected by copyright
Sept. 22, 1986, marked a milestone in a protracted legal battle between Intel and NEC Corp. over copyright protection of computer code. As they fought for control of the microprocessor market, the two semiconductor companies—Intel American, and NEC Corp. Japanese—found...
