Category: Security

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited cryptojacking campaign impacting Docker

Cybersecurity Threat Advisory: Exploited cryptojacking campaign impacting Docker

A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk...

/ October 3, 2024
social engineering
Social engineering attacks: What MSPs need to know

Social engineering attacks: What MSPs need to know

As we kick off Cybersecurity Awareness Month, we are highlighting one danger that managed service providers (MSPs) must constantly monitor: social engineering. According to Verizon’s 2024 Data Breach Investigations Report: Social engineering incidents have increased from the previous year largely...

/ October 3, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical RCE vulnerability in ZCS

Cybersecurity Threat Advisory: Critical RCE vulnerability in ZCS

There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra’s SMTP PostJournal service. Review the details...

/ October 2, 2024
Cybersecurity Awareness Month
October is Cybersecurity Awareness Month

October is Cybersecurity Awareness Month

October 1 marks the start of the annual Cybersecurity Awareness Month (CAM), which is a collaborative effort to raise awareness of cybersecurity and safe online practices. Each October, governments, public sector agencies, and private sector partners organize events and media campaigns...

/ October 2, 2024
MSP at the forefront against credential stuffing

MSP at the forefront against credential stuffing

Credential stuffing has been around for a while, and it is exactly what it sounds like: an attack in which hackers use a cache of compromised usernames and passwords to break into a system. However, hackers have recently found new...

/ September 26, 2024
AI MSP
AI drives profit and revenue for MSPs and consultants

AI drives profit and revenue for MSPs and consultants

Recent studies by Canalys and Channel Futures project managed service provider (MSP) revenue to grow 11% or more in 2024. The Channel Futures study reveals that 62% of MSPs increased their artificial intelligence (AI) deployments and consultations in the fourth quarter...

/ September 26, 2024
Accelerating cybersecurity Time to Resolution (TTR)

Accelerating cybersecurity Time to Resolution (TTR)

When it comes to cyberattacks and data breaches, time to respond (TTR) is a critical metric for managed service providers (MSPs), but one that can be challenging as the frequency and sophistication of threats continue to evolve. MSPs typically have...

/ September 25, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical GitLab SAML vulnerability

Cybersecurity Threat Advisory: Critical GitLab SAML vulnerability

A vulnerability identified as CVE-2024-45409 has been found in GitLab’s Ruby-SAML library. This flaw stems from the improper validation of Security Assertion Markup Language (SAML) responses. Continue reading this Cybersecurity Threat Advisory to secure your environment. What is the threat?...

/ September 20, 2024
scalable backup
The benefits of Barracuda’s new scalable backup

The benefits of Barracuda’s new scalable backup

Data is money, and data protection is a key piece of any business continuity plan or cybersecurity strategy. This is a concern for companies that need an increasing amount of storage and backup capacity but have no extra budget to...

/ September 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities

Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities

SolarWinds has issued patches to address two vulnerabilities in its Access Rights Manager (ARM) software. Out of the two, one is a critical vulnerability that can lead to remote code execution (RCE). Review the details within this Cybersecurity Threat Advisory...

/ September 18, 2024