Month: January 2025
Cybersecurity Threat Advisory: Critical vulnerabilities in VPNs and routers
Critical vulnerabilities have been discovered in multiple tunneling protocols, potentially exposing approximately 4.2 million hosts. These include a wide range of devices such as Virtual Private Networks (VPNs), Internet Service Provider (ISP) home routers, core internet routers, mobile network gateways,...
Cybersecurity Threat Advisory: SonicWall SMA1000 vulnerability
A pre-authentication deserialization vulnerability has been discovered in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) and is already being used in zero-day attacks. Review the details within this Cybersecurity Threat Advisory to protect your organization. What...
Tech Time Warp: The scourge of SQL Slammer
It must have been frustrating to write the Jan. 25, 2003, Microsoft press release responding to the SQL Slammer worm, also known as Sapphire. Read between the lines, and it’s easy to decipher the statement’s real message: “We tried to...
Threat Spotlight: Tycoon 2FA phishing kit updated to evade inspection
This Threat Spotlight sheds light on the Tycoon multi-factor authentication phishing kit and the tactics it uses to evade protection solutions. Phishing-as-a-Service (PhaaS) provides attackers with advanced toolsets and templates that enable them to quickly deploy phishing campaigns. The rapid...
AI adoption: Challenges and opportunities for MSPs
An expected boon to IT spending driven by investments in artificial intelligence (AI) may take longer to materialize than expected. A UBS survey of over 120 IT executives found that only 11 percent are running an AI application in a...
2025 trends for MSP marketing
It’s that time of year again—the time when we set goals and look forward to what the new year may bring. I’ve been in the managed service provider (MSP) marketing space for a very long time – and I can...
Unlocking a new opportunity: Selling cybersecurity to schools for MSPs
Managed service providers (MSPs) often overlook schools and other educational institutions, even though they present an excellent opportunity for new business. That is, if one is ready to handle some of their inherent challenges. According to various market research reports,...
Tip Tuesday: Differentiate your service offerings with customization
As the managed services industry becomes more crowded, succeeding as a managed service provider (MSP) requires you to differentiate your service offerings, and to convince your current and potential clients that your company and services will allow them to accomplish...
The SOC case files: XDR’s automation offers rapid cloud protection
This edition of the SOC case files showcases how Barracuda Managed XDR detects an impossible travel, indicating a user login credentials were compromised. Incident summary An employee at a telecommunications company connected as usual to their cloud account. They then...
Cybersecurity Threat Advisory: Vulnerability in Ivanti secure access solutions
A critical security flaw in Ivanti, CVE-2025-0283, is affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways. This stack-based buffer overflow vulnerability allows a locally authenticated attacker to escalate their privileges. Continue reading this Cybersecurity Threat Advisory to mitigate your...
