Category: Featured
The rise of AI-based BEC attacks
Cybercriminals are quickly latching on to new technology and strategies to improve the success rates of their social engineering-based email attacks. In the latest Barracuda Email Threats and Trends report, the company found that although traditional email scams like phishing are...
Easily overcome Zero Trust deployment hurdles
Zero Trust Network Access (ZTNA) isn’t just a security model — it’s the future of cybersecurity. Required in many industries today, ZTNA significantly increases the security posture across the entire organization and often replaces existing VPN solutions that have been a...
Cybersecurity Threat Advisory: Phishing campaign spreading Remcos RAT malware
A new phishing campaign spreading a fileless variant of Remcos RAT malware has been discovered. Read this Cybersecurity Threat Advisory to learn how this could impact your organization. What is the threat? This campaign delivers malware through a phishing email...
Cybersecurity Threat Advisory: Palo Alto PAN-OS RCE vulnerability
A threat advisory was issued to Palo Alto customers notifying them of a vulnerability in the PAN-OS interface that can lead to remote code execution (RCE). Read this Cybersecurity Threat Advisory for the best practices to securing the PAN-OS management...
Pioneers in Tech: Fred Begay, the first Navajo to earn a PhD in physics
Native American Heritage Month, celebrated annually in November, provides an opportunity to examine and recognize the work of indigenous peoples in technology history. One of these Pioneers in Tech is Fred Begay, the first Navajo to earn a PhD in physics....
Cybersecurity Threat Advisory: Okta username flaw
Researchers have discovered a critical vulnerability in Okta which allows an user to authenticate to an account with a username longer than 52 characters without multi-factor authentication (MFA) enabled. Read this Cybersecurity Threat Advisory to learn how this may impact...
Ask an MSP Expert: How can pentesting add value to an MSP security service offering?
In today’s cybersecurity landscape, many MSPs are looking to add penetration testing (pentesting) to their service offering. Pentesting is a simulated cyberattack on a system, network, or application to find vulnerabilities before real hackers can exploit them. It helps organizations...
Cybersecurity Threat Advisory: CRON#TRAP phishing campaign
A new phishing campaign, identified as CRON#TRAP, are targeting Windows systems with a preloaded Linux virtual machine (VM) to evade detection to conduct malicious acts. Continue reading this Cybersecurity Threat Advisory to learn how to protect against this phishing campaign....
Cybersecurity Threat Advisory: Zero-click flaw in Synology NAS devices
Synology, network-attached storage (NAS) maker, addressed critical security vulnerability, CVE-2024-10443, which impacts their DiskStation and BeePhotos applications. This is an unauthenticated vulnerability that can allow attackers to obtain root-level code execution on Synology NAS devices. Review the details in this...
Cybersecurity Threat Advisory: Vulnerabilities found in Microsoft Azure AI
Significant vulnerabilities in Microsoft’s Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security...
