Category: Security
The AI-cybersecurity connection MSPs can’t afford to ignore
One thing is becoming clear for managed service providers (MSPs): future growth will be driven by artificial intelligence (AI) and cybersecurity. More importantly, AI is accelerating demand for cybersecurity services. A recent survey conducted by the Global Technology Industry Association...
The rise of the part-time hacker
Hackers have always run the gamut—from the college kid in his parents’ basement to the nation-state in a sophisticated bunker. There has always been a gap between what an individual hacker could accomplish and what a well-funded nation-state could achieve....
Cybersecurity Threat Advisory: Critical Connectwise Automate vulnerability
ConnectWise has disclosed a high-impact vulnerability in its ConnectWise Automate platform that could allow attackers to bypass critical integrity validation during the agent’s plugin loading and self-update mechanisms, potentially enabling malicious code execution on affected on-premises deployments. Read this Cybersecurity...
Cybersecurity Threat Advisory: ClickFix attacks
Attackers are exploiting a critical vulnerability, tracked as CVE-2026-26980, in the Ghost Content Management System (CMS) to compromise more than 700 legitimate websites. Read this Cybersecurity Threat Advisory to reduce risk for you and your clients. What is the threat?...
IoT threats in 2026: The blind spot MSPs can’t afford to ignore
Cybersecurity experts have warned about IoT threats for years. But as the IoT security landscape continues to expand and evolve, so do the risks—making this a topic worth revisiting. While solutions to secure IoT devices exist, MSPs must stay immersed...
Cybersecurity Threat Advisory: Exchange on-premise OWA vulnerability exploited
A Microsoft Exchange Server Outlook Web Access (OWA) spoofing vulnerability, tracked as CVE‑2026‑42897, is actively being exploited in the wild. This issue affects Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition across all update levels. Continue reading...
Cybersecurity Threat Advisory: Cisco Catalyst SD-WAN zero day vulnerability
An authentication bypass zero-day vulnerability, tracked as CVE-2026-20182 with a maximum CVSS score of 10.0, has been identified in Cisco Catalyst SD-WAN Controller and Manager. The vulnerability allows unauthenticated attackers to gain the highest level of administrative access to affected...
Patch management: The basics still matter
Patching is such a core part of MSP DNA that it’s easy to overlook. I’ve talked with many MSP owners who get pulled into the latest, most urgent cyberthreats—only to lose sight of the basics: patching. Patching is the cybersecurity...
Cybersecurity Threat Advisory: RedSun exploits Microsoft Defender real-time protection
A new proof of concept (PoC), RedSun, exploits Windows devices running Microsoft Defender real‑time protection on Windows 10, Windows 11, and Windows Server 2019+. It abuses Defender’s handling of cloud‑tagged files to achieve local privilege escalation to SYSTEM. Read this...
Cybersecurity Threat Advisory: BitUnlocker attack
A newly published proof of concept (PoC) tool called BitUnlocker demonstrates a dangerous downgrade attack that can bypass Microsoft’s BitLocker full‑disk encryption on Windows 11 devices. Continue reading this Cybersecurity Threat Advisory to minimize your risk. What is the threat? BitUnlocker...
