Security Alert: Microsoft Windows Operating Systems
On January 14th, 2020, Microsoft released a handful of critical patches to address security vulnerabilities. These include Windows CryptoAPI, Windows Remote Desktop Gateway (RD Gateway), and Windows Remote Desktop Client. Any machines running 32- or 64-bit Windows 10 operating systems,...
Cybersecurity Threat Advisory: Windows CryptoAPI Spoofing Vulnerability
Advisory Overview Multiple versions of Windows are susceptible to a spoofing vulnerability that could allow an attacker to modify TLS-encrypted communications or spoof an Authenticode signature. Microsoft has issued an update to fix the vulnerability which is available in the...
Cybersecurity Threat Advisory: Rise in Malicious Cyber Activity by Iranian Regime Actors
Advisory Overview There has been a rise in recent malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies, according to the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA)...
Cybersecurity Threat Advisory: LifeLabs Cyberattack & Data Breach
Advisory Overview During October 2019 LifeLabs experienced a large-scale ransomware incident where attackers potentially gained access to various pieces of personal information for up to 15 million customers primarily within the British Columbia & Ontario areas of Canada. LifeLabs reportedly...
Cybersecurity Threat Advisory: Vulnerability in Two Citrix Devices (Updated Jan 30th 2020)
Update Threat actors are now exploiting this vulnerability to deploy ransomware on customers networks. Citrix has provided a patch for this vulnerability and SKOUT has seen successful exploitation of the vulnerability. Patching is not enough, researchers have found that threat...
Cybersecurity Threat Advisory: Data Leaks Due to Unsecured Cloud Environments
Advisory Overview There have been numerous data leaks recently due to misconfigured cloud environments, most notably ElasticSearch and Amazon S3. Gartner predicted that 95% of cloud security failures will be due to misconfigured clouds in 2020 earlier this year and...
Cybersecurity Threat Advisory: Windows Zero-Day Privilege Escalation Exploit
Advisory Overview Kaspersky has detected a Windows 0-day vulnerability which attackers are using in conjunction with a Google Chrome exploit to take control of unpatched systems. Last month Google patched Chrome for an exploit which allows attackers to hack visitors...
Cybersecurity Threat Advisory: Security Measures for the Holiday Season
Advisory Overview During the upcoming holiday season, SKOUT wants to ensure that our customers stay safe while traveling and are extra vigilant online. With holiday sale campaigns and donations to charities in full swing, the time is perfect for spam...
Content Shield now integrates with Barracuda RMM
The modern workforce is becoming more mobile. Often, businesses have remote workers and road warriors with laptops who can connect any time, at any place. Unsurprisingly, this poses security challenges for MSPs tasked with protecting customers who use these devices....
Cybersecurity Threat Advisory: Email Bombing
Advisory Overview Threat actors have recently increased attempts to take email servers offline by overloading the servers with thousands of email messages (known as “email bombing”). This attack is similar to a Denial of Service (DOS) attack, where hundreds of...
