Month: September 2024

generative AI
How CISOs can leverage generative AI to improve email, application security

How CISOs can leverage generative AI to improve email, application security

In an era where digital threats evolve at an unprecedented pace, the integration of generative AI into cybersecurity operations has become essential. From content creation to behavior prediction and knowledge articulation, generative AI is reshaping the landscape of security practices, offering immense...

/ September 11, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Veeam Backup security flaws

Cybersecurity Threat Advisory: Veeam Backup security flaws

There were recently six vulnerabilities discovered in Veeam Backup and Replication. One of them is an unauthenticated remote code execution (RCE), while the other five include authenticated RCE, arbitrary file deletion, low-privileged multi-factor authentication (MFA) setting modification and MFA bypass,...

/ September 10, 2024
cyber risk
Summer Roundup: Cyber risks for MSPs to monitor

Summer Roundup: Cyber risks for MSPs to monitor

As summer begins its swan song and thoughts begin to turn toward autumn, the Cybersecurity and Infrastructure Security Agency (CISA) has a fresh batch of advisories. Released in August, these advisories highlight the various cyber risks lurking out there, many...

/ September 10, 2024
generative AI
Generative AI inference engines create MSP opportunities

Generative AI inference engines create MSP opportunities

More organizations are beginning to operationalize generative artificial intelligence (AI). Along with this, many of them will be looking to managed service providers (MSPs) to help them optimally deploy the inference engines that are needed to analyze data in production...

/ September 9, 2024
Tech Time Warp
Tech Time Warp: Back to school and back to hacks

Tech Time Warp: Back to school and back to hacks

Now that we are past Labor Day, school is back in session across the United States—which means summer vacation is over for cybercriminals, too. Let’s dive into this week’s edition of Tech Time Warp. The education sector is increasingly a...

/ September 6, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cicada3301 ransomware variant

Cybersecurity Threat Advisory: Cicada3301 ransomware variant

A new ransomware variant has been found, known as Cicada3301. It exhibits similarities to the defunct BlackCat (ALPHV) operation, and it targets both Windows and Linux systems. Review the details in this Cybersecurity Threat Advisory to learn how this variant...

/ September 6, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Chrome zero-day vulnerability

Cybersecurity Threat Advisory: Chrome zero-day vulnerability

A critical zero-day vulnerability in Chrome has been identified, allowing unauthorized access and potential remote code execution on affected systems. Continue reading this Cybersecurity Threat Advisory for more information and to safeguard your systems now. What is the threat? The...

/ September 5, 2024
ITRC
Three new reports from ITRC: H1 breaches, 2023 trends, and a new toll scam

Three new reports from ITRC: H1 breaches, 2023 trends, and a new toll scam

As longtime readers of this space already know, I’m a big fan of the Identity Theft Resource Center (ITRC). Their regular breach reports provide lots of highly detailed statistics, their trend reporting is invaluable to help project the future of...

/ September 4, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware ESXi vulnerability exploited by BlackByte ransomware

Cybersecurity Threat Advisory: VMware ESXi vulnerability exploited by BlackByte ransomware

BlackByte ransomware group is actively exploiting CVE-2024-37085, a recently patched authentication bypass vulnerability in VMware ESXi hypervisors. The exploitation of this flaw has led to the deployment of ransomware across victim networks. BlackByte ransomware group has marked it as a...

/ September 3, 2024
data migration
Data migration expertise: A must-have for MSPs

Data migration expertise: A must-have for MSPs

Managed service providers (MSPs) that have data migration expertise are finding their services are in more demand than ever. A survey of 300 application and software development, IT, and security leaders conducted on behalf of Onymos, found that more than...

/ September 3, 2024