Category: Featured
Cybersecurity Threat Advisory: Command injection flaw in Zyxel NAS devices
Zyxel, a networking equipment manufacturer, has released urgent security updates to address critical vulnerabilities in their network-attached storage devices. CVE-2023-27992 (CVSS score: 9.8) has been declared as a pre-authentication command injection vulnerability. What is the threat? The threat involves multiple vulnerabilities...
Threat Spotlight: Attackers use 15-year-old tactics to target security flaws
Attackers are quick to exploit new opportunities for attack. The reporting of the Log4J bug in December 2021, for example, is believed to have led to a 150% increase in exploit activity the following year. However, an analysis of Barracuda’s threat detection...
Tech Time Warp: 80s viruses that hit the Apple II
Apple products have a reputation for being immune to malware, but that is not 100 percent true. In 1988, hackers released two viruses targeting ProDOS, the Apple II operating system. Admittedly, it took hackers five years to attack ProDOS —...
Cybersecurity Threat Advisory: New custom malware discovered
Researchers have uncovered a year-long, highly targeted cyber-attack utilizing custom malware called RDStealer. The bespoke malware campaign against an East Asian IT company has been active for more than a year with the intent to compromise credentials and exfiltrating data....
The MSP’s guide to services pricing
For managed service providers (MSPs), it’s obvious that pricing is important. Prospects will generally only pay the going market rate, typically driven by your competition’s offering. As such, you must be careful in how you price your service offerings. For...
Cybersecurity Threat Advisory: Critical vulnerabilities with ASUS routers
ASUS recently released critical security updates for several vulnerabilities across multiple router models. Two out of the nine vulnerabilities are categorized as Critical, including an out-of-bounds write vulnerability and a memory corruption flaw. Barracuda SOC recommends applying the latest security...
Bend, don’t break: How attackers and defenders learn from each other
For more than 30 years, cyber attackers and security teams have battled it out across the digital landscape, one side looking for gaps and flaws to target, the other side fixing and protecting them. The pace of the conflict is...
Tip Tuesday: Create a growth plan to meet the demand for managed services
Business is booming for managed service providers (MSPs). The as-a-service model has skyrocketed in popularity as more organizations embrace digitization and scalability. While that’s great news for MSPs, it also raises demand. If your business doesn’t already have a growth...
MSPs and the next wave of cybersecurity AI solutions
While cybersecurity researchers tend to revel in discovering vulnerabilities, many of the ones that do get disclosed require cybercriminals to have extensive expertise to exploit. Most cybercriminals today remain focused on launching attacks that use tried and true techniques and...
Tech Time Warp: Morto worm relishes on common usernames and weak passwords
Before you read any more of this post, ask yourself: Are you using “administrator” as a username for any service? If the answer is yes, stop what you’re doing and change that immediately. Then return here to find out why....
