Month: November 2024
Elevate your MSP: Invest in Sales Engineer training
When managed service providers (MSPs) talk to clients about their security or technology needs, the clients’ employees are a vital part of any proposed solution. Deploying technology without the proper user training and education can lead to underutilization, lower customer...
Cybersecurity Threat Advisory: Okta username flaw
Researchers have discovered a critical vulnerability in Okta which allows an user to authenticate to an account with a username longer than 52 characters without multi-factor authentication (MFA) enabled. Read this Cybersecurity Threat Advisory to learn how this may impact...
Ask an MSP Expert: How can pentesting add value to an MSP security service offering?
In today’s cybersecurity landscape, many MSPs are looking to add penetration testing (pentesting) to their service offering. Pentesting is a simulated cyberattack on a system, network, or application to find vulnerabilities before real hackers can exploit them. It helps organizations...
Cybersecurity Threat Advisory: CRON#TRAP phishing campaign
A new phishing campaign, identified as CRON#TRAP, are targeting Windows systems with a preloaded Linux virtual machine (VM) to evade detection to conduct malicious acts. Continue reading this Cybersecurity Threat Advisory to learn how to protect against this phishing campaign....
Cybersecurity Threat Advisory: Zero-click flaw in Synology NAS devices
Synology, network-attached storage (NAS) maker, addressed critical security vulnerability, CVE-2024-10443, which impacts their DiskStation and BeePhotos applications. This is an unauthenticated vulnerability that can allow attackers to obtain root-level code execution on Synology NAS devices. Review the details in this...
Cybersecurity Threat Advisory: Vulnerabilities found in Microsoft Azure AI
Significant vulnerabilities in Microsoft’s Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security...
GenAI FOMO plays to the strengths of MSPs
Interest in generative artificial intelligence (GenAI) remains high. However, a survey of over 250 executives shows that only 22 percent believe their organization’s data foundation is fully ready to support GenAI applications, while 53 percent think their organization is somewhat...
Beyond phishing: How cybercriminals target SMBs vs. enterprises
Security-focused managed service providers (MSPs) know that small to midsize businesses (SMBs) often take a more cavalier approach to cybersecurity than larger organizations. They often believe that because they are small and less well-known, they’re less likely to draw the...
Beyond patches and firewalls: Advanced strategies for cyberthreat defense
Threat mitigation is to managed service providers (MSPs) what preventative medicine is to doctors. In other words, threat mitigation is the first line – and often least expensive – defense against cybercriminals. Of course, some of the basic steps include...
Cybersecurity Threat Advisory: New Microsoft Windows vulnerabilities
Two new Microsoft vulnerabilities, CVE-2024-21302 and CVE-2024-38202, are impacting Windows systems. Read this Cybersecurity Threat Advisory to learn more about how these vulnerabilities can be leveraged to exploit Microsoft Windows and how to protect your systems. What is the threat?...
