Category: Featured
Survey shows MSPs with cloud optimization expertise are in need
A survey of 300 U.S. finance leaders at organizations with more than $50 million in revenue suggests companies are looking to fund artificial intelligence (AI) initiatives in part by optimizing cloud spending. Surging cloud costs A survey conducted by market...
Cybersecurity Threat Advisory: GhostLock – A new denial-of-availability attack technique
GhostLock is a newly disclosed attack technique that abuses the Windows CreateFileW API to lock enterprise files by requesting exclusive, deny‑share handles. Read this Cybersecurity Threat Advisory to learn how to limit your organization’s exposure to this attack. What is...
Cybersecurity Threat Advisory: RMM-based phishing attacks
An ongoing phishing campaign has been observed targeting multiple vectors and leveraging legitimate Remote Monitoring and Management (RMM) tools to establish persistent remote access on compromised hosts. Read this Cybersecurity Threat Advisory to mitigate risk for you and your clients....
Cybersecurity Threat Advisory: Linux kernel vulnerabilities exploited by Dirty Frag
Dirty Frag is a newly disclosed Linux kernel local privilege escalation (LPE) exploit chain. It combines two independent kernel vulnerabilities—CVE‑2026‑43284 and CVE‑2026‑43500—to deliver reliable, first‑attempt root access across virtually all major Linux distributions. A working proof of concept (PoC) is...
Cybersecurity Threat Advisory: PAN-OS Captive Portal zero-day vulnerability
Threat actors are actively exploiting a PAN‑OS zero‑day that impacts the User‑ID Authentication (Captive) Portal. This exploit enables unauthenticated remote code execution with root privileges on PA‑Series and VM‑Series firewalls. Continue reading this Cybersecurity Threat Advisory to learn how to...
If you’re an MSP owner who wants more consistent leads, start here
As someone who’s spent the last 8+ years helping hundreds of MSPs generate leads and book real sales conversations, I hear the same frustration over and over again: “We’re doing some marketing… but leads are inconsistent.” Some months are busy. ...
Cybersecurity Threat Advisory: MOVEit authentication bypass vulnerability
A vulnerability has been identified involving a critical authentication bypass in Progress MOVEit Automation, a widely used managed file transfer and automation platform. This flaw allows unauthenticated attackers to bypass authentication mechanisms and gain unauthorized access to MOVEit Automation environments....
The compliance trap: checking boxes isn’t the same as being secure
When businesses pass a SOC 2 audit, complete a HIPAA assessment, or earn a Cyber Essentials certification, there’s often a sense of relief—the work is done. In reality, that moment is where risk often begins. “Compliance frameworks establish a baseline,”...
The AI opportunity in account management for MSPs
MSPs have already survived one identity crisis. The shift from break-fix to recurring services was not a gentle transition for most people. It required changing how you priced, staffed, sold, and thought about your relationship with clients. Innovators and early...
Cybersecurity Threat Advisory: Blue Hammer zero-day
A researcher leaked a zero‑day vulnerability dubbed “BlueHammer” to protest Microsoft’s handling of the private disclosure process. Although the published code contains implementation bugs, attackers with local access can still use it to compromise affected systems. Read this Cybersecurity Threat...
