Category: Security
Deploy zero trust identity and XDR this month
The security stakes for managed service providers (MSPs) have never been higher. This Cybersecurity Awareness Month, alarming trends make one fact impossible to ignore: Cybercriminals are leveraging artificial intelligence (AI) at record speed, putting every digital identity – and the...
Cybersecurity Threat Advisory: Critical vulnerability in Motex Lanscope
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-61932, a critical vulnerability in Motex Lanscope Endpoint Manager, to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. The flaw, rated CVSS 9.8, allows unauthenticated remote...
SOC Threat Radar — October 2025
In this edition of the SOC Threat Radar, you’ll discover the key attack behaviors identified over the past month by Barracuda Managed XDR’s security solutions, threat intelligence resources, and SOC analysts. These include: A rise in ransomware attacks targeting vulnerable...
Cybersecurity Threat Advisory: Critical WSUS RCE vulnerability
Microsoft has released out-of-band (OOB) security updates to address a critical remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). Servers with the WSUS Server Role enabled are affected. Successful exploitation allows attackers to execute code with SYSTEM-level...
Cybersecurity Threat Advisory: Critical Windows SMB vulernability
Attackers are actively exploiting a critical Windows SMB client vulnerability (CVE-2025-33073) in the wild. To help safeguard your environment and your customers’, please review and apply the best practices outlined in this Cybersecurity Threat Advisory. What is the threat? CVE-2025-33073...
Cybersecurity Threat Advisory: Critical WatchGuard firewall vulnerability
A critical vulnerability, CVE-2025-9242, has been identified in WatchGuard Firebox Network Security Appliances. This flaw exposes affected devices to the public internet and allows unauthenticated remote code execution. Review the details in this Cybersecurity Threat Advisory to understand the potential...
Cybersecurity Awareness Month ends soon, but the mission will continue
Cybersecurity Awareness Month may be winding down, but the work of protecting organizations never stops. This week, we’ve gathered insights from cybersecurity leaders across the industry who are tackling everything from human-centered security to emerging threats like shadow artificial intelligence...
Cybersecurity Threat Advisory: Critical Veeam backup flaws
Veeam has released Patch 12.3.2.4165 for Backup & Replication and Version 6.3.2.1302 for Veeam Agent for Microsoft Windows, addressing three serious vulnerabilities. These include two critical remote code execution (RCE) flaws (CVE-2025-48983, CVE-2025-48984) and one high-severity local privilege escalation (LPE)...
Cybersecurity Threat Advisory: FortiOS CLI command bypass vulnerability
Fortinet has disclosed a high-severity vulnerability in FortiOS, identified as CVE-2025-58325, which has a CVSS score of 7.8. This flaw could allow local authenticated attackers to execute arbitrary system commands. The vulnerability stems from improper input validation in the FortiOS...
Threat Spotlight: Unpacking a stealthy new phishing kit targeting Microsoft 365
In this edition of the Threat Spotlight we see that Phishing-as-a-Service (PhaaS) platforms dominate the email threat landscape. The most prominent are sophisticated, well-resourced platforms offering tools, infrastructure, and support in return for payment or a share of the profits....
