Month: February 2025
Cybersecurity Threat Advisory: Xerox printer vulnerabilities
Two vulnerabilities, CVE-2024-12510 and CVE-2024-12511, have been found in the Xerox VersaLink C7025 Multifunction Printer. Upon successful exploitation, bad actors can capture authentication credentials through pass-back attacks via lightweight directory access protocol (LDAP), server message block (SMB), and file transfer...
Cybersecurity Threat Advisory: Critical Juniper vulnerability
A critical vulnerability, CVE-2025-21589, is found in Juniper Networks’ Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. This flaw enables threat actors to bypass authentication mechanisms and gain administrative control over affected devices. Continue reading this Cybersecurity...
Tip Tuesday: Improve cash flow with effective billing practices
If you’ve been a managed service provider (MSP) for a while, you’ve likely encountered demanding customers and overdue accounts. While there’s no foolproof way to completely resolve this challenge, improving your billing practices can help reduce the issue. Continue reading...
Cybersecurity Threat Advisory: Brute force attack targeting edge devices
The Shadowserver Foundation uncovered a large brute force attack, with approximately 2.8 million IPs launching attacks on edge devices like firewalls, routers, and VPNs. Continue to read this Cybersecurity Threat Advisory to learn how you can mitigate the risks of...
MSP Training: How often and what kind?
According to Barracuda Network’s Evolving Landscape of the MSP 2024 report, 38 percent of managed service providers (MSPs) offer security awareness training (SAT). However, experts say that the percentage should be much higher because of the high return on investment...
Cybersecurity Threat Advisory: High-severity PAN-OS vulnerability
A high-severity authentication bypass vulnerability in PAN-OS software, CVE-2025-0108, was disclosed. This flaw allows unauthenticated attackers with network access to bypass authentication and invoke PHP scripts, compromising system integrity and confidentiality. Read this Cybersecurity Threat Advisory to learn how you can...
The importance of flexible deployment in email security solutions
Companies are facing an increasing array of sophisticated threats, particularly through business email channels. These threats can disrupt operations, expose sensitive data, and cost the companies millions of dollars in recovery costs, compliance penalties, and lawsuit settlements. This adds to any...
Tech Time Warp: It’s the Storm Worm, not a secret admirer
The FBI had a real Debbie Downer message to deliver in 2008: That unexpected Valentine’s Day e-card was not from a secret admirer. Instead, it was an invitation for the unwitting recipient to join the Storm Worm botnet. Learn all...
XDR roundup 2024: Ransomware rises fourfold in a year of complex threats
In 2024, Barracuda Managed XDR logged many trillions of IT events to identify the critical security threats targeting organizations and neutralize malicious activity. Threat analysts in Barracuda Managed XDR’s Security Operations Center (SOC) have drawn on this unique dataset to highlight the...
Cybersecurity Threat Advisory: Apple critical zero-day vulnerability
Apple has issued emergency security updates to address a critical zero-day vulnerability, CVE-2025-24200, which has been exploited in targeted and “extremely sophisticated” attacks. This vulnerability affects iPhone and iPad users, posing significant risks to user security. Review the details of...
