Category: Security

XDR
Deploy zero trust identity and XDR this month

Deploy zero trust identity and XDR this month

The security stakes for managed service providers (MSPs) have never been higher. This Cybersecurity Awareness Month, alarming trends make one fact impossible to ignore: Cybercriminals are leveraging artificial intelligence (AI) at record speed, putting every digital identity – and the...

/ October 29, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical vulnerability in Motex Lanscope

Cybersecurity Threat Advisory: Critical vulnerability in Motex Lanscope

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-61932, a critical vulnerability in Motex Lanscope Endpoint Manager, to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. The flaw, rated CVSS 9.8, allows unauthenticated remote...

/ October 28, 2025
SOC Threat Radar
SOC Threat Radar — October 2025

SOC Threat Radar — October 2025

In this edition of the SOC Threat Radar, you’ll discover the key attack behaviors identified over the past month by Barracuda Managed XDR’s security solutions, threat intelligence resources, and SOC analysts. These include: A rise in ransomware attacks targeting vulnerable...

/ October 27, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical WSUS RCE vulnerability

Cybersecurity Threat Advisory: Critical WSUS RCE vulnerability

Microsoft has released out-of-band (OOB) security updates to address a critical remote code execution (RCE) vulnerability in Windows Server Update Services (WSUS). Servers with the WSUS Server Role enabled are affected. Successful exploitation allows attackers to execute code with SYSTEM-level...

/ October 27, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Windows SMB vulernability

Cybersecurity Threat Advisory: Critical Windows SMB vulernability

Attackers are actively exploiting a critical Windows SMB client vulnerability (CVE-2025-33073) in the wild. To help safeguard your environment and your customers’, please review and apply the best practices outlined in this Cybersecurity Threat Advisory. What is the threat? CVE-2025-33073...

/ October 24, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical WatchGuard firewall vulnerability

Cybersecurity Threat Advisory: Critical WatchGuard firewall vulnerability

A critical vulnerability, CVE-2025-9242, has been identified in WatchGuard Firebox Network Security Appliances. This flaw exposes affected devices to the public internet and allows unauthenticated remote code execution. Review the details in this Cybersecurity Threat Advisory to understand the potential...

/ October 22, 2025
Cybersecurity Awareness Month
Cybersecurity Awareness Month ends soon, but the mission will continue

Cybersecurity Awareness Month ends soon, but the mission will continue

Cybersecurity Awareness Month may be winding down, but the work of protecting organizations never stops. This week, we’ve gathered insights from cybersecurity leaders across the industry who are tackling everything from human-centered security to emerging threats like shadow artificial intelligence...

/ October 21, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Veeam backup flaws

Cybersecurity Threat Advisory: Critical Veeam backup flaws

Veeam has released Patch 12.3.2.4165 for Backup & Replication and Version 6.3.2.1302 for Veeam Agent for Microsoft Windows, addressing three serious vulnerabilities. These include two critical remote code execution (RCE) flaws (CVE-2025-48983, CVE-2025-48984) and one high-severity local privilege escalation (LPE)...

/ October 20, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: FortiOS CLI command bypass vulnerability

Cybersecurity Threat Advisory: FortiOS CLI command bypass vulnerability

Fortinet has disclosed a high-severity vulnerability in FortiOS, identified as CVE-2025-58325, which has a CVSS score of 7.8. This flaw could allow local authenticated attackers to execute arbitrary system commands. The vulnerability stems from improper input validation in the FortiOS...

/ October 20, 2025
Threat Spotlight
Threat Spotlight: Unpacking a stealthy new phishing kit targeting Microsoft 365

Threat Spotlight: Unpacking a stealthy new phishing kit targeting Microsoft 365

In this edition of the Threat Spotlight we see that Phishing-as-a-Service (PhaaS) platforms dominate the email threat landscape. The most prominent are sophisticated, well-resourced platforms offering tools, infrastructure, and support in return for payment or a share of the profits....

/ October 20, 2025