Month: September 2025
Cybersecurity Threat Advisory: SonicWall VPNs targeted by Akira ransomware
Akira ransomware operators have launched an aggressive campaign targeting SonicWall VPN appliances. Attackers have already breached accounts protected by multi-factor authentication (MFA) successfully, leveraging vulnerabilities in SonicWall Secure Mobile Access (SMA) and SSL-VPN portals. The campaign is characterized by rapid...
MSPs are redefining supply chain defense
As a journalist covering the cybersecurity business landscape, I’ve closely followed the growing impact of supply chain attacks throughout 2025. These incidents continue to escalate in frequency and complexity, affecting organizations of all sizes across industries. This two-part series brings...
Lindsay Faria: One of CRN’s 100 People You Don’t Know But Should
Last week, Lindsay Faria, who leads managed service provider (MSP) Marketing for Barracuda in the Americas, was recognized as one of CRN’s 100 People You Don’t Know But Should for 2025. This annual list shines a light on the committed...
Cybersecurity Threat Advisory: Cisco ASA zero-day vulnerability
Threat actors are actively exploiting two critical zero-day vulnerabilities in Cisco Secure Firewall ASA and FTD software. CVE-2025-20333 (CVSS 9.9) and CVE-2025-20362 (CVSS 6.5) allow attackers to chain exploits that bypass authentication and execute malicious code. In response, the U.S....
Tech Time Warp: Debugging a technology origin story
We’ve all been there: Our computer crashes, and we say there are “gremlins inside,” that the machine “geeked out,” or that it must have been “a bug.” And, often, simply rebooting solves the problem. But where the term “computer bug”...
Survey: Skills shortage crisis bodes well for MSPs
A survey of over 200 enterprise chief information officers (CIOs) conducted by the Futurum Group finds nearly three quarters (72 percent) of IT leaders identify talent acquisition and retention as the top challenge, followed by cybersecurity (49 percent) in a...
Cybersecurity Threat Advisory: RCE vulnerability in SolarWinds WHD
A critical remote code execution (RCE) vulnerability, CVE-2025-26399, has been identified in SolarWinds Web Help Desk (WHD) and remains exploitable despite previous fixes. The flaw allows unauthenticated attackers to execute arbitrary code on vulnerable servers, leading to a full system...
Ask an MSP Expert: Position your MSP to win buyers
Let’s face it: the managed service provider (MSP) space is more competitive than ever. Buyers are more informed, expectations are higher, and the old ways of selling just don’t cut it anymore. If you’re still leading with technical specs and...
Cybersecurity Threat Advisory: Severe GoAnywhere MFT vulnerability
Fortra disclosed a critical vulnerability in GoAnywhere Managed File Transfer (MFT), tracked as CVE-2025-10035, with a CVSS score of 10.0. The flaw allows attackers to execute remote code without authentication. Review this Cybersecurity Threat Advisory to keep your systems safe....
Cybersecurity Threat Advisory: Fake password managers
LastPass has issued a warning about a widespread cyber campaign targeting macOS users. Malicious software is being disguised as legitimate applications and distributed through fake GitHub repositories. Read this Cybersecurity Threat Advisory to stay informed and protect your data. What...
