Ask an MSP Expert: How can we streamline our patch management process?
Q: With the increase of cyber attacks and the growing remote workers, what are some best patch management practices to better protect my customers? Patch management serves as a key defense against cyber threats and is also required to ensure...
Cybersecurity Threat Advisory: Cisco Nexus Series Switches Command Injection Vulnerability
Threat Update Cisco has released several patches to resolve vulnerabilities in their Cisco Nexus Series Switches. These vulnerabilities include critical flaws related to command injection, as well as three Denial of Service bugs in the NX-OS. These vulnerabilities are tracked...
Cybersecurity Threat Advisory: Malware and Ransomware Attacks For Ukrainian organizations
Threat Update In the ongoing conflict between Russia and Ukraine, security experts have been observing cyberattacks targeting Ukrainian government departments with overwhelming levels of Internet traffic and data-wiping malware. Upon further analysis, the Ukrainian government has found software and tactics...
Cybersecurity Threat Advisory: Malicious PowerPoint Files Used to Take Over PCs
Threat Update Threat actors are creating socially engineered emails containing PowerPoint file attachments with the extension “.ppam” to hide malicious executables which can rewrite Windows registry settings to gain control over end user’s computers. It is one of many stealthy...
Cybersecurity Threat Advisory: Trend Micro Fixes Hybrid Cloud Security Vulnerabilities
Threat Update Recently, the cloud security software firm Trend Micro rolled out several patches to resolve vulnerabilities in their Deep Security and Cloud One Workload solutions for Ubuntu agents. These vulnerabilities are tracked as CVE-2022-23119 and CVE-2022-23120. Barracuda MSP recommends...
Cybersecurity Threat Advisory: BlackByte Ransomware Group Gaining Traction
Threat Update The BlackByte Ransomware-as-a-Service group is quickly gaining traction by infecting and cryptolocking multiple companies. Reports regarding this ransomware in the wild have existed since July 2021. In response, the FBI and USSS (United States Secret Service) have issued...
Cybersecurity Threat Advisory: Apple Releases High-Priority Updates to Mac OS and iOS
Threat Update After a browser fingerprinting and fraud detection detected an actively exploited vulnerability (which can be tracked as CVE-2022-22587) in Apple’s Safari 15 browser, Apple has released updates that fix the bug (iOS 15.3 and macOS Monterey 12.2). This...
Cybersecurity Threat Advisory: Two Zero-Day Bugs in Zoom Clients and MMR Servers
Threat Update Recently, security researchers have reported an in-depth analysis of two zero-day vulnerabilities in the video calling service Zoom’s clients and Multimedia Router (MMR) servers. These vulnerabilities could allow attackers to execute arbitrary code, crash your service and application,...
Cybersecurity Threat Advisory: WordPress Themes and Plugins Injected with Backdoor
Threat Update AccessPress, a popular WordPress theme and plugin provider, was compromised in early September 2021 and several of their themes and plugins were injected with a backdoor. This gave the attackers full access to websites that installed these plugins....
Cybersecurity Threat Advisory: VMWare Horizon Server Log4j Vulnerabilities
Threat Update VMware is a virtualization and cloud computing vendor used by many companies worldwide. Recently, VMware announced that they released an update that patches a vulnerability related to the Log4j shell flaw within its Horizon Servers. Successful exploitation of...
