All posts by Doris Au

Doris is a product marketing manager at Barracuda MSP. In this position, she is responsible for connecting managed service providers with multi-layered security and data protection products that can protect their customers from today’s advanced cyber threats.

Cybersecurity Threat Advisory: SonicWall Releases Hotfix for RCE/DoS Vulnerability

Cybersecurity Threat Advisory: SonicWall Releases Hotfix for RCE/DoS Vulnerability

Threat Update SonicWall has released a hotfix for a critical RCE / DoS vulnerability that affects a subset of their firewall devices. This vulnerability (tracked as CVE-2022-22274) in Sonic OS allows an unauthenticated remote attacker to perform denial of service...

/ March 30, 2022
Cybersecurity Threat Advisory: Threat Actors Could Target Sophos Firewall

Cybersecurity Threat Advisory: Threat Actors Could Target Sophos Firewall

Threat Update Sophos has disclosed a critical-level authentication bypass vulnerability (CVE-2022-1040) that impacts Sophos Firewall v18.5 and below. If this vulnerability is exploited, an attacker could get unfettered access to the firewall and execute remote code at will. Barracuda MSP’s...

/ March 30, 2022
Cybersecurity Threat Advisory: RCE in Okta Advanced Server Access Client

Cybersecurity Threat Advisory: RCE in Okta Advanced Server Access Client

Threat Update The Okta Advanced Server Access Windows client is vulnerable to an unauthenticated remote code execution vulnerability. Thousands of companies rely on Okta to provide zero-trust identity and access management for cloud and on-premises infrastructure. This vulnerability can be...

/ March 11, 2022
Ask an MSP Expert: How can we streamline our patch management process?

Ask an MSP Expert: How can we streamline our patch management process?

Q: With the increase of cyber attacks and the growing remote workers, what are some best patch management practices to better protect my customers? Patch management serves as a key defense against cyber threats and is also required to ensure...

/ March 8, 2022
Cybersecurity Threat Advisory: Cisco Nexus Series Switches Command Injection Vulnerability

Cybersecurity Threat Advisory: Cisco Nexus Series Switches Command Injection Vulnerability

Threat Update Cisco has released several patches to resolve vulnerabilities in their Cisco Nexus Series Switches. These vulnerabilities include critical flaws related to command injection, as well as three Denial of Service bugs in the NX-OS. These vulnerabilities are tracked...

/ March 7, 2022
Cybersecurity Threat Advisory: Malware and Ransomware Attacks For Ukrainian organizations

Cybersecurity Threat Advisory: Malware and Ransomware Attacks For Ukrainian organizations

Threat Update In the ongoing conflict between Russia and Ukraine, security experts have been observing cyberattacks targeting Ukrainian government departments with overwhelming levels of Internet traffic and data-wiping malware. Upon further analysis, the Ukrainian government has found software and tactics...

/ February 28, 2022
Cybersecurity Threat Advisory: Malicious PowerPoint Files Used to Take Over PCs

Cybersecurity Threat Advisory: Malicious PowerPoint Files Used to Take Over PCs

Threat Update Threat actors are creating socially engineered emails containing PowerPoint file attachments with the extension “.ppam” to hide malicious executables which can rewrite Windows registry settings to gain control over end user’s computers. It is one of many stealthy...

/ February 18, 2022
Cybersecurity Threat Advisory: Trend Micro Fixes Hybrid Cloud Security Vulnerabilities

Cybersecurity Threat Advisory: Trend Micro Fixes Hybrid Cloud Security Vulnerabilities

Threat Update Recently, the cloud security software firm Trend Micro rolled out several patches to resolve vulnerabilities in their Deep Security and Cloud One Workload solutions for Ubuntu agents. These vulnerabilities are tracked as CVE-2022-23119 and CVE-2022-23120. Barracuda MSP recommends...

/ February 16, 2022
Cybersecurity Threat Advisory: BlackByte Ransomware Group Gaining Traction

Cybersecurity Threat Advisory: BlackByte Ransomware Group Gaining Traction

Threat Update The BlackByte Ransomware-as-a-Service group is quickly gaining traction by infecting and cryptolocking multiple companies. Reports regarding this ransomware in the wild have existed since July 2021. In response, the FBI and USSS (United States Secret Service) have issued...

/ February 15, 2022
Cybersecurity Threat Advisory: Apple Releases High-Priority Updates to Mac OS and iOS

Cybersecurity Threat Advisory: Apple Releases High-Priority Updates to Mac OS and iOS

Threat Update After a browser fingerprinting and fraud detection detected an actively exploited vulnerability (which can be tracked as CVE-2022-22587) in Apple’s Safari 15 browser, Apple has released updates that fix the bug (iOS 15.3 and macOS Monterey 12.2). This...

/ February 10, 2022