Month: May 2025
Tech Time Warp: Ignoring patches leads to a “Sadmind”
Woe to those who ignore the security patch. Technology history is filled with opportunities to say “I told you so.” A golden example is the story of the “Sadmind/IIS worm” of 2001. Learn more in this edition of Tech Time...
Cybersecurity Threat Advisory: SAP critical vulnerabilities
SAP has released patches to address a second vulnerability, CVE-2025-42999, affecting its SAP NetWeaver tool. The vulnerability involves a privilege escalation issue that, when chained with SAP’s CVE-2025-31324 vulnerability (unauthenticated file upload flaw in SAP NetWeaver Visual Composer), can enable...
Cybersecurity Threat Advisory: Critical zero-day vulnerability in Fortinet
A critical zero-day vulnerability affecting several Fortinet products, most notably FortiVoice enterprise phone systems, has recently been patched. Attackers are actively exploiting CVE-2025-32756 in the wild. Read the details of this Cybersecurity Threat Advisory to learn how to keep your...
Cybersecurity Threat Advisory: ClickFix attack spreading malware
The official website of iClicker, a platform used for student engagement and classroom polling, was recently compromised in a ClickFix-style social engineering attack. Continue reading this Cybersecurity Threat Advisory to learn how to keep your systems safe. What is the...
Federal IT reviews signal fresh MSP opportunities ahead
Federal IT contractors have been facing major changes recently as part of the government’s broader effort to reduce overall spending. Leading systems integrators such as Accenture and Booz Allen are reportedly being asked to identify billions of dollars in savings...
Cybersecurity Threat Advisory: Critical ASUS vulnerabilities
Researchers have discovered two vulnerabilities within the ASUS DriverHub driver management tool that can allow malicious sites to execute commands on targeted devices. They have found no evidence that threat actors have exploited these vulnerabilities in real-world scenarios. Review the...
Global MSP Day: Honoring the unsung heroes of cybersecurity
Global MSP Day is a day designed to bring the unique managed services ecosystem together to recognize the support, protection, and value managed services providers (MSPs) bring to the business community. The eighth annual celebration is scheduled on Thursday, June...
ROI: How smarter MSPs turn $1 into $5 — again and again
When it comes to your marketing metrics, it’s easy to get distracted. Impression rates, website traffic, click-throughs, email opens—you watch the numbers climb and wonder: Is this working? But there’s only one number that tells the full story: Return on...
An MSP’s guide to building cybersecurity incident response plan
Last week, we spoke with industry experts about why every organization needs a solid cybersecurity incident response plan (CIRP). This week, we’re taking it a step further—breaking down the essential steps Managed Service Providers (MSPs) should follow to build a...
SOC Threat Radar — May 2025
In this edition of the SOC Threat Radar, Barracuda Managed XDR’s security solutions, threat intelligence, and SOC analysts highlight key developments from the past month that organizations should have on their radar, including: A 38% rise in attacks targeting FortiGate...
