Month: January 2024
Cybersecurity Threat Advisory: Critical RCE vulnerability
A critical pre-authentication remote code execution (RCE) vulnerability, CVE-2024-21591, has been patched in Juniper Networks’ Junos OS on SRX firewalls and EX switches. Exploitable via an out-of-bounds write, the flaw poses risks of denial-of-service (DoS), RCE attacks, or unauthorized root...
Cybersecurity Threat Advisory: Ivanti zero-day vulnerabilities
Two vulnerabilities have been identified in Ivanti Connect Secure and Ivanti Policy Secure Gateways, CVE-2023-46805 and CVE-2024-21887 respectively, which when exploited together allow for unauthenticated remote code execution. These CVEs affect all supported versions of the products. Continue reading this...
The MSP guide to creating an effective email newsletter
Most MSPs have thought about starting a company email newsletter. Our inboxes get flooded with email newsletters from companies every single day. Some of them are amazing – most of them go straight to the trash. But what makes an...
Pioneers in Tech: Aaron Swartz, co-developer of RSS
When you consider the life story of Aaron Swartz, many questions come to mind. Most notably, what if? What if Swartz had lived past age 26? What might have he accomplished? Let’s take a closer look at this month’s edition...
Enhancing email security: Navigating new Google and Yahoo DMARC changes
In the evolving landscape of email security, major players like Google and Yahoo are implementing new DMARC (domain-based message authentication, reporting, and conformance) requirements set to roll out in early 2024. These changes present a unique opportunity to proactively safeguard K-12...
MSP Insights: What to expect in 2024
It’s no secret that the fortunes of managed service providers (MSPs) are closely tied to the overall state of the economy, but with an uneven economic outlook for 2024, forecasting the year is more challenging than usual. While uncertainty remains,...
Cybersecurity Threat Advisory: High-severity WebRTC vulnerability
A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive...
2024 forecasted cybersecurity trends
The new year always brings a panoply of possibilities and promises. No one knows the future, so it becomes a blank canvas upon which we can all project our aspirations and whims. However, the future can also be full of...
Cybersecurity Threat Advisory: Apache Struts2 RCE vulnerability
A new vulnerability known as CVE-2023-50164 is being used by attackers to exploit the file upload functionality in Apache Struts2, an open-source framework for developing Java web applications. Barracuda MSP advises users to review this Cybersecurity Threat Advisory and upgrade...
EDR vs. MDR vs. XDR: What’s best for your MSP practice?
Selecting a security platform that provides the right level of protection based on your customers’ needs and your IT team’s skillset is vital. A determined attacker can find a way in, whether it’s via stolen or brute-forced credentials, exploiting unpatched...
