Category: Featured
Cybersecurity Threat Advisory: Critical GitLab vulnerabilities
GitLab has released multiple security updates that address a total of 14 vulnerabilities. Attackers can exploit one of the vulnerabilities to run pipelines as any user. Read this Cybersecurity Threat Advisory in detail to learn more about how you can...
Wasted IT spending provides opportunity for MSPs
A survey of 503 IT professionals suggests there is much more focus on identifying and preventing wasted spending on applications and IT infrastructure. Conducted by Flexera, the survey finds 37 percent of respondents said wasted spending on infrastructure-as-a-service (IaaS) and...
Cybersecurity Threat Advisory: TeamViewer breach
On June 26, RMM software designer TeamViewer announced a recent breach of their network. According to TeamViewer, no customer data has yet been compromised by this breach. Read this Cybersecurity Threat Advisory in detail to secure your network and devices....
Tech Time Warp: The curious history of QWERTY
From time to time, your inner Mavis Beacon might wonder about the seemingly nonsensical arrangement of your keyboard. What’s the story behind QWERTY? You’ll find out in this edition of Tech Time Warp! On June 23, 1868, Christopher Latham Sholes,...
Cybersecurity Threat Advisory: MOVEit Transfer vulnerability exploit
Progress Software has released a patch for a high-severity vulnerability in MOVEit Transfer, identified as CVE-2024-5806. This vulnerability is currently under active attack and allows attackers to bypass authentication mechanisms. Organizations using MOVEit Transfer should review this Cybersecurity Threat Advisory...
Can AI help MSPs improve margins?
Artificial intelligence (AI) is being touted as a magic elixir – whatever the problem is, AI is the answer. Unfortunately, it is not quite ready to do many of the more advanced things that people want to do. However, in...
Cybersecurity Threat Advisory: Five new vulnerabilities found in Zyxel NAS
Zyxel has released a patch for their NAS326 and NAS542 to fix five new vulnerabilities that have been discovered. These vulnerabilities affect devices with versions 5.21 (AAZF16/ABAG13) and earlier. Barracuda MSP recommends customers using these devices to follow the steps...
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities
This Cybersecurity Threat Advisory highlights a new attack technique exploiting vulnerabilities in Microsoft Management Console (MMC). By creating malicious management saved console (MSC) files that appear legitimate, attackers can bypass traditional security measures and exploit the targeted MMC. Barracuda MSP...
Tech Time Warp: Far past time to move to AES encryption
In May 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Partnership for Interoperable Communications (FPIC) released a whitepaper warning government agencies about the dangers of relying on the Data Encryption Standard (DES)—a nearly 50-year-old technology—for cybersecurity. Let’s get...
Cybersecurity Threat Advisory: VMware privilege escalation vulnerabilities
VMware has released patches to address critical vulnerabilities impacting Cloud Foundation, vCenter Server, and vSphere ESXi, which could be exploited to achieve privilege escalation and remote code execution. The flaws, identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, have high CVSS scores....
