Category: Featured

Ride-sharing app Uber hacked via social engineering scheme

Ride-sharing app Uber hacked via social engineering scheme

Last month, the popular ride-sharing app Uber announced a cybersecurity incident that affected a variety of company accounts. The breach reportedly originated within Uber’s internal Slack communication channel after a hacker tricked an employee into sharing their login credentials. Those...

/ October 3, 2022
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Microsoft Exchange Server zero-day vulnerability

Cybersecurity Threat Advisory: New Microsoft Exchange Server zero-day vulnerability

Researchers from GTSC found a new zero-day vulnerability for Microsoft Exchange Server in the wild. Upon successful exploitation, threat actors can perform RCE (Remote Code Execution) via a backdoor onto the compromised system. GTSC has released a report outlining the...

/ September 30, 2022
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Zoho ManageEngine RCE bug

Cybersecurity Threat Advisory: Zoho ManageEngine RCE bug

A critical Zoho ManageEngine Remote Code Execution (RCE) flaw is being actively exploited according to The US Cybersecurity and Infrastructure Security Agency (CISA). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Password Manager Pro, PAM360 and...

/ September 30, 2022
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Sophos Firewall critical vulnerability

Cybersecurity Threat Advisory: Sophos Firewall critical vulnerability

Sophos has identified a remote code execution vulnerability tracked as CVE-2022-3236. This vulnerability affects the User Portal and Webadmin components of Sophos Firewalls. Upon a successful exploitation, a threat actor can gain root privileges and deploy a ransomware attack. Barracuda...

/ September 28, 2022
CISA warns industrial clients are vulnerable

CISA warns industrial clients are vulnerable

MSPs with industrial clients in their portfolios have a set of security issues that often differ from other verticals, and each vertical brings its own baggage. With healthcare clients, for example, it’s PHI and HIPAA regulations. With finance clients, there...

/ September 28, 2022
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Phishing attacks targeting GitHub accounts

Cybersecurity Threat Advisory: Phishing attacks targeting GitHub accounts

GitHub alerted the public that there is an ongoing phishing campaign that is targeting its users by impersonating CircleCI continuous integration and delivery platform. These phishing attacks are designed to steal the targeted user’s account credentials and authentication codes. A...

/ September 26, 2022
David Kern, one of the 100 people you don’t know but should

David Kern, one of the 100 people you don’t know but should

CRN®, a brand of The Channel Company, recently announced their ‘100 People You Don’t Know But Should’ list for 2022. Barracuda MSP is honored to share that one of our very own, David Kern, Regional Manager of Partner Success, earned...

/ September 26, 2022
Tech Time Warp: District judge rules that computer code is protected by copyright

Tech Time Warp: District judge rules that computer code is protected by copyright

Sept. 22, 1986, marked a milestone in a protracted legal battle between Intel and NEC Corp. over copyright protection of computer code. As they fought for control of the microprocessor market, the two semiconductor companies—Intel American, and NEC Corp. Japanese—found...

/ September 23, 2022
Cloud security incidents on the rise

Cloud security incidents on the rise

As more workloads are deployed in the cloud, it’s become increasingly apparent that most organizations are struggling with security. A recent survey of 400 cloud engineering and security practitioners and leaders by the market research firm, Propeller Insights on behalf...

/ September 22, 2022
Cybersecurity summits and tools to improve training

Cybersecurity summits and tools to improve training

Anytime an MSP can expose its engineers and technicians to free training and education, it’s an opportunity that shouldn’t be passed up. One such opportunity is the upcoming “5th Annual Cybersecurity Summit” hosted by CISA and Morehouse College in Atlanta....

/ September 21, 2022 / 6 Comments