Cybersecurity Threat Advisory: Jenkins UDP DDoS Attack (CVE-2020-2100)
Advisory Overview: Jenkins is an open source automation server used to build, test and deploy software projects. Attackers are rendering two services that are enabled by default in Jenkins (UDP multicast/broadcast and DNS multicast) unusable with Distributed Denial of Service...
Demonstrating your value with Barracuda RMM
Being a managed service provider (MSP) is not easy. Not only do MSPs need to be in tune with the latest and greatest technologies, manage the ever-growing business trends such as cloud computing, remote workforce, secure the right talents for...
Cybersecurity Threat Advisory: Cisco Firepower Management Center Vulnerability
Advisory Overview: Security researchers discovered a critical flaw in the web interface of the Cisco Firepower Management Center (FMC). Cisco Firepower Management Center is a platform for managing Cisco network security solutions such as firewalls, application control, intrusion prevention, URL...
Ask an MSP Expert: How can I make sure my customers are secure online?
Q: One of my customers recently fell victim to a suspicious download from a fraudulent website. How can I prevent this in the future? Attacks through websites are not uncommon. As cybercriminals become more sophisticated with attack vectors such as drive-by downloads and malvertising,...
Cybersecurity Threat Advisory: RCE in OpenSMTPD library (CVE-2020-7247)
Advisory Overview: There is a critical remote code execution vulnerability in the OpenSMTPD library, impacting BSD and Linux distros. Exploitation could allow an attacker to execute commands as root. A link to the patch is included in the recommendation section...
Cybersecurity Threat Advisory: Iranian Hacking Campaign Targets European Energy Company
Advisory Overview: Researchers have reported increased cyber activity within the European energy sector by a high-profile hacking group. The increased activity is possibly linked to Iranian state-sponsored attacks. The hackers conducted cyber espionage and gained remote access using the...
Cybersecurity Threat Advisory: Security Vulnerabilities Identified in ConnectWise Control
Advisory Overview: Multiple security vulnerabilities in ConnectWise Control were recently disclosed. Anyone using the MSP-focused software should immediately update to the newest version and be on the lookout for future updates. ConnectWise has responded to the disclosure and issued...
Cybersecurity Threat Advisory: Sodinokibi Ransomware
Advisory Overview: We have previously issued advisories on Sodinokibi Ransomware in Threat Advisory 0034-19 and Threat Advisory 0021-19. The same strain recently hit the Colorado-based MSP Synoptek and the foreign currency exchange Travelex. Sodinokibi has been particularly damaging and...
Cybersecurity Threat Advisory: SIM Swapping Fraud
Advisory Overview: There has been an increase in targeted attacks using SIM swapping as a method to gain access to victims’ private data such as banking information, credit card information, and personally identifiable information. We advise taking extra precautions to secure...
Cybersecurity Threat Advisory: RSA SecurID 2FA Bypass
Advisory Overview: Malicious actors have found a way to bypass 2FA for VPN accounts that were secured with RSA SecurID. RSA considers the scenario to be against recommended deployment practices rather than a security vulnerability. They continued to say that...
