Category: Featured

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: BYOVD attacks leveraged by Medusa ransomware

Cybersecurity Threat Advisory: BYOVD attacks leveraged by Medusa ransomware

The Medusa ransomware-as-a-service (RaaS) operation has recently been observed using a malicious driver named ABYSSWORKER in Bring Your Own Vulnerable Driver (BYOVD) attacks. This technique allows threat actors to disable security software by exploiting legitimate, vulnerable drivers to gain kernel-level...

/ March 25, 2025
PhaaS attacks
Threat Spotlight: A million PhaaS attacks in two months

Threat Spotlight: A million PhaaS attacks in two months

The first few months of 2025 saw a massive spike in phishing-as-a-service (PhaaS) attacks targeting organizations around the world, with more than a million attacks detected by Barracuda systems in January and February. The attacks were powered by several leading...

/ March 24, 2025 / 8 Comments
Tech Time Warp
Tech Time Warp: The 10-day takeover of a botnet

Tech Time Warp: The 10-day takeover of a botnet

In 2009, researchers from the University of California, Santa Barbara, outsmarted the cybercriminals behind the notorious Torpig botnet. They uncovered critical knowledge about how this type of malware works. Learn how in this edition of Tech Time Warp. Researchers first...

/ March 21, 2025
cloud resources
MSP opportunity: Tackling the chronic waste of cloud resources

MSP opportunity: Tackling the chronic waste of cloud resources

Two reports reveal that most organizations have made little progress in optimizing their cloud infrastructure resource consumption. This gap presents a unique opportunity for managed service providers (MSPs) to address the growing demand for expertise in this area. Insights into...

/ March 20, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New RAT malware

Cybersecurity Threat Advisory: New RAT malware

Microsoft has issued a warning about a new, sophisticated remote access trojan (RAT) called StilachiRAT. Threat actors are actively using StilachiRAT to evade detection to establish persistent access to compromised systems. Continue reading this Cybersecurity Threat Advisory to protect your...

/ March 20, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical AMI BMC vulnerability

Cybersecurity Threat Advisory: Critical AMI BMC vulnerability

AMI has disclosed a critical vulnerability, CVE-2024-54085, with a CVSS score of 10.0. This vulnerability allows attackers to gain remote access and execute malicious commands. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is...

/ March 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apache Tomcat vulnerability

Cybersecurity Threat Advisory: Apache Tomcat vulnerability

A severe remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2025-24813, is actively exploited in the wild, allowing attackers to gain server control using a simple PUT request. Review the details in this Cybersecurity Threat Advisory to learn...

/ March 19, 2025
MSPs transportation
New MSP opportunity: Tapping into growing field of transportation cybersecurity

New MSP opportunity: Tapping into growing field of transportation cybersecurity

The transportation vertical is rapidly growing, yet it is often overlooked by managed service providers (MSPs). However, hackers have taken notice. From 2017 to 2022, transportation vertical experienced a 400 percent increase in cyberattacks, and the pace shows no sign...

/ March 18, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical authentication bypass in ruby-saml

Cybersecurity Threat Advisory: Critical authentication bypass in ruby-saml

CVE-2025-25292 and CVE-2025-25291 are related to an authentication bypass vulnerability found in ruby-saml due to parser differential handling. The flaws carry a high CVSS score of 8.8. The vulnerability exists in the way ReXML and Nokogiri parse XML differently. The...

/ March 17, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: EOL Juniper Networks MX routers targeted in attacks

Cybersecurity Threat Advisory: EOL Juniper Networks MX routers targeted in attacks

Threat actor UNC3886 has been observed targeting end-of-life (EOL) MX routers from Juniper Networks as part of a sophisticated campaign designed to deploy custom backdoors. This group has demonstrated a particular focus on internal networking infrastructure, which allows them to...

/ March 13, 2025