Category: Featured
Critical Adobe ColdFusion vulnerability
The latest cybersecurity threat advisory highlights vulnerabilities affecting Adobe ColdFusion versions 2018, 2021, and 2023, which are actively being exploited by threat actors in the wild. A successful exploitation can lead to arbitrary code execution and security feature bypass. Barracuda...
Do MSPs need to hire an internal marketer?
Hiring a marketer in-house versus a marketing agency is a conundrum that almost every managed service provider (MSP) faces at some point. Many business owners may not realize that in-house marketers are not 100 percent necessary in every industry. MSPs...
Pioneers in Tech: Joan L. Mitchell, co-inventor of the JPEG
This week’s Pioneers in Tech looks at how today’s social media influencers owe much to Joan L. Mitchell, a self-professed “Sputnik baby” who came of age during the space race and ended up co-creating one of the file formats most...
Getting past the myths: why MSP sales reps fail
I frequently hear managed service providers (MSPs) lamenting that they aren’t getting enough sales, and they don’t know why. They want to fire their salesperson and start over. There are several areas to examine before making drastic changes in situations...
Critical vulnerabilities found in Fortinet and SonicWall products
In this cybersecurity threat advisory, Fortinet and SonicWall both advised of vulnerabilities found in their products. Fortinet shared that FortiOS and FortiProxy has a critical vulnerability where successful exploitation of the vulnerability allows an attacker to perform remote arbitrary code...
Cybersecurity Threat Advisory: New malware campaign targets banking institutions
A sophisticated malware campaign known as “Toitoin” is targeting banking firms in Latin America. The campaign employs evasive techniques, including the use of custom-built modules, encryption methods, and hosting malware on Amazon EC2 instances to evade detection. It is crucial...
Cybersecurity Threat Advisory: Critical VMware Aria Operations vulnerabilities
Two vulnerabilities were discovered in older versions of VMware Aria Operations for Networks and VMware Aria Operations for Logs. The vulnerabilities allow bad actors to perform remote code execution as the root user. Remote code execution can lead to system...
Threat Spotlight: Extortion attacks
Extortion attacks, which are an increasingly common form of email scams, threaten the victim with compromising information, such as an embarrassing photo, and request payment in a cryptocurrency to prevent the information from being released. Attackers often purchase victims’ login...
State of Cybersecurity Resilience 2023: MSP opportunities lie ahead
“Cybersecurity nerds” like myself wait with bated breath for Accenture’s annual “State of Cybersecurity Resilience 2023” report to be released. This is because the report never fails to disappoint in providing a “snapshot” of the current state of cybersecurity. With such...
Cybersecurity Threat Advisory: Critical MOVEit vulnerability discovered
A critical vulnerability has been discovered in the MOVEit Transfer software, prompting urgent action from customers to patch their systems. This flaw, identified as CVE-2023-36934, allows an attacker to execute arbitrary commands on the affected system with elevated privileges without...
