Month: July 2025
Cybersecurity Threat Advisory: CrushFTP zero-day vulnerability
CrushFTP has disclosed a new critical vulnerability, CVE-2025-54309, which is currently being exploited in the wild. One indicator of compromise is a “last_logins” value set for internal default accounts. Review the details in this Cybersecurity Threat Advisory to help minimize...
Helping MSPs navigate their first audit with confidence
Managed service providers (MSPs) are increasingly expected to provide more than just IT support—they’re becoming essential players in helping clients meet compliance and security requirements. Whether you’re building a SOC 2 practice or supporting a healthcare client subject to Health...
Cybersecurity Threat Advisory: Microsoft SharePoint zero-day vulnerability
Attackers are actively exploiting CVE-2025-53770, a critical zero-day vulnerability in Microsoft SharePoint, to execute remote code without authentication. This flaw allows attackers to deploy persistent malware and potentially exfiltrate sensitive data from unpatched on-premises environments. Review the full details in...
Vacation season is open season for cybercriminals: Here’s why
For school children, summer means lazy days of swimming pools, splash pads, melting ice cream cones, and camp. For cybersecurity professionals, it means being on guard 24/7, because cybercriminals don’t take a summer break. The summertime impact Cyberattacks now occur...
Barracuda launches Entra ID Backup Premium to strengthen Microsoft Identity data recovery
Barracuda has introduced Entra ID Backup Premium, a SaaS-based solution designed to help organizations recover Microsoft Entra ID data beyond the platform’s default 30-day retention window. The launch adds a critical layer to identity protection, enabling fast restoration of users,...
Cybersecurity Threat Advisory: FileFix attack weaponizes Windows File Explorer
Security researchers have uncovered a new attack method known as “FileFix,” which exploits Windows File Explorer to execute stealthy PowerShell commands. By abusing legitimate Windows functionality, attackers can run malicious code while evading traditional security controls. Read this Cybersecurity Threat...
Pioneers in Tech: The man behind Moore’s Law
July 18 marks the 57th anniversary of Intel’s incorporation—and as with any of the Silicon Valley juggernauts, the backstory of its founders is fascinating. Take Gordon Moore, who—along with Robert Noyce and Andy Grove—incorporated the microprocessor company in 1968 and...
Cybersecurity Threat Advisory: Microsoft SQL server zero-day vulnerability
A critical information disclosure vulnerability has been identified in Microsoft SQL Server, designated as CVE-2025-49719 with a CVSS score of 7.5. This vulnerability allows unauthorized attackers to access sensitive data over a network, posing a serious risk to organizations that...
Cybersecurity Threat Advisory: FortiWeb critical SQL injection vulnerability
A high-severity SQL injection vulnerability, CVE-2025-25257, in Fortinet FortiWeb enables pre-authenticated remote code execution (RCE). It has a a CVSS score of 9.8. Review the details in this Cybersecurity Threat Advisory to keep your environment safe. What is the threat?...
The cybersecurity gap is real—And MSPs are the solution
Despite frequent headlines about successful cyberattacks, many small businesses remain unprepared. Small business cybersecurity is still falling short in the face of growing threats. A survey of 1,000 small businesses with annual revenues of less than $100 million finds that...
