Month: March 2024
Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability
A critical vulnerability (CVE-2024-1403) affecting Progress Software OpenEdge Authentication Gateway and AdminServer impacts versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0. The vulnerability allows unauthorized access due to manipulation of username and password combinations during the authentication process. Review...
Cybersecurity Threat Advisory: Critical vulnerabilities in QNAP devices
Critical authentication bypass vulnerabilities have been identified in QNAP network attached storage (NAS) devices. These flaws pose significant risks, allowing unauthorized access to affected devices. Review the recommendations in this Cybersecurity Threat Advisory to ensure your systems are secure. What...
Ask an MSP Expert: How to excel at public speaking
In this edition of Ask an MSP Expert, we delve into the power of public speaking. Whether you’re addressing a conference, leading a sales presentation, or simply conversing in a team meeting, mastering the art of public speaking can profoundly...
Cybersecurity Threat Advisory: USB attacks
There have been increasing reports of threat actors leveraging a classic malware delivery method in recent months: USB attacks. Continue reading this Cybersecurity Threat Advisory to learn how you can prevent these attacks and reduce risks for your customers. What...
Turning your MSP website from a brochure to a lead-driving appointment setter
If you’re researching how to improve your MSP website, you probably fall into a few categories: You spent a lot of money on your MSP website, and it’s not giving you what you want, leads. You’re looking to update your...
Cybersecurity Threat Advisory: Cisco patches high-severity bug
Cisco has released security updates for a vulnerability affecting its Secure Client software. Successful exploitation could allow threat actors to steal a targeted user’s token and establish a virtual private network (VPN) session. The vulnerability tracked as CVE-2024-20337 has a...
Cybersecurity Threat Advisory: TeamCity’s server vulnerabilities
This Cybersecurity Threat Advisory highlights JetBrains’ TeamCity vulnerabilities found in the CI/CD Server. One vulnerability allows unauthenticated access to an instance while the other allows for unauthenticated information disclosure and modification. What is the threat? A critical-severity authentication bypass vulnerability...
Cybersecurity Threat Advisory: Critical vulnerabilities in VMware
VMware has released updates addressing four security flaws in ESXi, Workstation, and Fusion. Two out of the four flaws, CVE-2024-22252 and CVE-2024-22253, were identified as critical with CVSS scores of 9.3 for Workstation/Fusion and 8.4 for ESXi. This Cybersecurity Threat...
Pioneers in Tech: Carol Shaw, Atari video game designer
“I was good at math. I entered a bunch of math contests and won awards. Of course, people would say, “Gee, you’re good at math—for a girl. That was kind of annoying. Why shouldn’t girls be good at math?” This...