Category: Security

Cybersecurity Threat Advisory: Mitel VoIP vulnerability

Cybersecurity Threat Advisory: Mitel VoIP vulnerability

A known remote code execution vulnerability, CVE-2022-29499, was discovered with the Linux-based Mitel VoIP (Voice over Internet Protocol) application. Once exploited, this vulnerability allows a threat actor to gain root privileges to the system and plant ransomware. Barracuda MSP recommends...

/ July 5, 2022
Cybersecurity Threat Advisory: LockBit Ransomware Threat

Cybersecurity Threat Advisory: LockBit Ransomware Threat

The LockBit ransomware group has become the top ransomware group based on its volume of attacks in recent months. They are utilizing a new phishing email tactic by disguising the malware as copyright claim and creating a bug bounty program. Once...

/ July 4, 2022
SEC cyber rules: An MSP’s pivotal role and opportunity

SEC cyber rules: An MSP’s pivotal role and opportunity

Cyberattacks against financial services companies are on the rise. In 2021, the Financial Services Information Sharing and Analysis Center (FS-ISAC) raised the cyber threat level for U.S. financial institutions from “guarded” to “elevated” three times (it typically happens just once)....

/ July 4, 2022
Key cybersecurity trends to watch in the homestretch of 2022

Key cybersecurity trends to watch in the homestretch of 2022

Believe it or not, we are now halfway through 2022. Where has the time gone? Before we know it, we’ll be talking about Thanksgiving and Christmas. But right now, let’s pause, take stock of where we’ve been and make some...

/ June 30, 2022 / 2 Comments
Cybersecurity Threat Advisory: Apple Safari arbitrary code execution vulnerability

Cybersecurity Threat Advisory: Apple Safari arbitrary code execution vulnerability

Apple has had an existing arbitrary code execution vulnerability in their MacOS, iOS, iPadOS, and Safari in their past 3 zero-days known as CVE-2022-22620. Google and Barracuda MSP researchers are making sure users don’t forget this. The vulnerability could allow...

/ June 28, 2022
Cybersecurity Threat Advisory: FastJson versions vulnerable to deserialization

Cybersecurity Threat Advisory: FastJson versions vulnerable to deserialization

A new version of FastJson has been released and has patched a vulnerability which allows malicious actors to utilize “AutoTypeCheck” mechanism and achieve remote code execution in FastJson. All Java applications that pass user-controlled data to either the JSON.parse or...

/ June 27, 2022
The MSP guide to combatting the cybersecurity problem

The MSP guide to combatting the cybersecurity problem

Now more than ever, small to medium-sized businesses are turning to managed service providers to fulfill their cybersecurity needs, and they have good reasons to. Since the pandemic, businesses of all sizes underwent a digital transformation. Some may even call...

/ June 27, 2022
Cybersecurity Threat Advisory: Black Basta Ransomware Group threat

Cybersecurity Threat Advisory: Black Basta Ransomware Group threat

The Black Basta ransomware group is revamping an older malware known as Qbot, Qakbot and Plinkslipbot to exploit the Microsoft Exchange Server. A successful attack will allow threat actors the ability to gain target network access, collect critical personal information,...

/ June 24, 2022
Don’t turn your vacation into a vacation from cybersecurity

Don’t turn your vacation into a vacation from cybersecurity

During the summer months, many Americans leave their homes and offices for some much-needed R&R. In fact, a new study from The Vacationer shows that 81 percent of adults are planning to take a trip of some sort this summer,...

/ June 23, 2022 / 10 Comments
Cybersecurity Threat Advisory: A Microsoft Azure Synapse vulnerability uncovered

Cybersecurity Threat Advisory: A Microsoft Azure Synapse vulnerability uncovered

Security researchers at Orca uncovered a vulnerability in Microsoft Azure Synapse, dubbed SynLapse. This vulnerability lies in the ODBC or Online Database Connectivity method employed by Synapse. Once a bad actor gains access through this vulnerability, they can gain access...

/ June 22, 2022