Category: Security
Cybersecurity Threat Advisory: Exploited cryptojacking campaign impacting Docker
A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk...
Social engineering attacks: What MSPs need to know
As we kick off Cybersecurity Awareness Month, we are highlighting one danger that managed service providers (MSPs) must constantly monitor: social engineering. According to Verizon’s 2024 Data Breach Investigations Report: Social engineering incidents have increased from the previous year largely...
Cybersecurity Threat Advisory: Critical RCE vulnerability in ZCS
There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra’s SMTP PostJournal service. Review the details...
October is Cybersecurity Awareness Month
October 1 marks the start of the annual Cybersecurity Awareness Month (CAM), which is a collaborative effort to raise awareness of cybersecurity and safe online practices. Each October, governments, public sector agencies, and private sector partners organize events and media campaigns...
MSP at the forefront against credential stuffing
Credential stuffing has been around for a while, and it is exactly what it sounds like: an attack in which hackers use a cache of compromised usernames and passwords to break into a system. However, hackers have recently found new...
AI drives profit and revenue for MSPs and consultants
Recent studies by Canalys and Channel Futures project managed service provider (MSP) revenue to grow 11% or more in 2024. The Channel Futures study reveals that 62% of MSPs increased their artificial intelligence (AI) deployments and consultations in the fourth quarter...
Accelerating cybersecurity Time to Resolution (TTR)
When it comes to cyberattacks and data breaches, time to respond (TTR) is a critical metric for managed service providers (MSPs), but one that can be challenging as the frequency and sophistication of threats continue to evolve. MSPs typically have...
Cybersecurity Threat Advisory: Critical GitLab SAML vulnerability
A vulnerability identified as CVE-2024-45409 has been found in GitLab’s Ruby-SAML library. This flaw stems from the improper validation of Security Assertion Markup Language (SAML) responses. Continue reading this Cybersecurity Threat Advisory to secure your environment. What is the threat?...
Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities
SolarWinds has issued patches to address two vulnerabilities in its Access Rights Manager (ARM) software. Out of the two, one is a critical vulnerability that can lead to remote code execution (RCE). Review the details within this Cybersecurity Threat Advisory...