Category: Security
Cybersecurity Threat Advisory: SonicWall SMA1000 vulnerability
A pre-authentication deserialization vulnerability has been discovered in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) and is already being used in zero-day attacks. Review the details within this Cybersecurity Threat Advisory to protect your organization. What...
Threat Spotlight: Tycoon 2FA phishing kit updated to evade inspection
This Threat Spotlight sheds light on the Tycoon multi-factor authentication phishing kit and the tactics it uses to evade protection solutions. Phishing-as-a-Service (PhaaS) provides attackers with advanced toolsets and templates that enable them to quickly deploy phishing campaigns. The rapid...
Unlocking a new opportunity: Selling cybersecurity to schools for MSPs
Managed service providers (MSPs) often overlook schools and other educational institutions, even though they present an excellent opportunity for new business. That is, if one is ready to handle some of their inherent challenges. According to various market research reports,...
The SOC case files: XDR’s automation offers rapid cloud protection
This edition of the SOC case files showcases how Barracuda Managed XDR detects an impossible travel, indicating a user login credentials were compromised. Incident summary An employee at a telecommunications company connected as usual to their cloud account. They then...
Cybersecurity Threat Advisory: Vulnerability in Ivanti secure access solutions
A critical security flaw in Ivanti, CVE-2025-0283, is affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways. This stack-based buffer overflow vulnerability allows a locally authenticated attacker to escalate their privileges. Continue reading this Cybersecurity Threat Advisory to mitigate your...
Automated incident response – efficiency at scale
No matter how robust your email security measures are, some threats will inevitably bypass initial defenses. Whether it’s a sophisticated phishing attack or an emerging malware variant, the ability to swiftly detect and respond to post-delivery threats is critical for...
Cybersecurity Threat Advisory: Fortinet zero-day vulnerability
A critical zero-day vulnerability has been found affecting Fortinet FortiOS and FortiProxy devices. This vulnerability enables attackers to bypass authentication and gain privileges. Keep reading this Cybersecurity Threat Advisory for information to keep your environment safe. What is the threat?...
Cybersecurity Threat Advisory: Aviatrix Controller vulnerability
A critical security vulnerability in the Aviatrix Controller cloud networking platform has been discovered and is actively exploited by threat actors to deploy backdoors and cryptocurrency miners. Multiple cloud deployments have reported that they have been compromised following this disclosure....
2024 by the numbers
The threat landscape is always churning, with new threats emerging while others disappear or fade to irrelevance. Consider ALPHV, a ransomware-as-a-service (RaaS) group that provided the infrastructure, tools, and administrative services to the individual hacker who ransomed $22 million from Change Healthcare...
Insider threats expected to persist in 2025
SmarterMSP.com recently covered the topic of insider threats, but many experts continue to point to these types of threats as one of the biggest cybersecurity challenges impacting organizations in 2025. The Hacker News, for instance, says: Insider threats are expected...
