Category: Security

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical SSL.com vulnerability

Cybersecurity Threat Advisory: Critical SSL.com vulnerability

A significant flaw has been identified in SSL.com’s Domain Control Validation (DCV) process, which poses a risk of issuing unauthorized SSL/TLS certificates. This vulnerability could expose trusted domains to impersonation, man-in-the-middle (MITM) attacks, and the interception of encrypted traffic. We recommend...

/ April 23, 2025
2025 trends
Cybersecurity 2025 trends: Key emerging threats

Cybersecurity 2025 trends: Key emerging threats

Welcome to part two of our deep dive into 2025’s cybersecurity landscape. As highlighted in part one of this blog, generative artificial intelligence (GenAI) and supply chain vulnerabilities are at the forefront of cyberthreats. We consulted with other industry experts...

/ April 22, 2025
MSPs AI
MSPs: AI is your answer to the $12 trillion cyberthreat

MSPs: AI is your answer to the $12 trillion cyberthreat

One of the most challenging aspects of cybersecurity readiness is establishing robust threat detection capabilities. Cyberattacks are constantly evolving, and criminals are now leveraging tools such as artificial intelligence (AI), third-party attack development tools, and in-depth research on their targets...

/ April 21, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical CentreStack and Triofox vulnerability

Cybersecurity Threat Advisory: Critical CentreStack and Triofox vulnerability

A critical security vulnerability, tracked as CVE-2025-30406, has been disclosed in Gladinet’s CentreStack and Triofox file-sharing platforms. According to reports, this flaw arises from the presence of hardcoded administrative credentials embedded in default software builds. Attackers can use these credentials...

/ April 19, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Windows zero-day vulnerability actively exploited

Cybersecurity Threat Advisory: Windows zero-day vulnerability actively exploited

A newly discovered Windows zero-day vulnerability, CVE-2025-29824, is actively exploited by a targeted ransomware campaign involving the PipeMagic trojan. Continue reading this Cybersecurity Threat Advisory to limit the impact of this vulnerability. What is the threat? CVE-2025-29824 is critical flaw...

/ April 18, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical RCE flaw in Apache Roller blog server

Cybersecurity Threat Advisory: Critical RCE flaw in Apache Roller blog server

Researchers have discovered a critical session management vulnerability within Apache Roller. It is being tracked as CVE-2025-24859 and has been assigned the maximum CVSS score of 10.0. Review the details in this Cybersecurity Threat Advisory to mitigate your risks. What...

/ April 17, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Fortinet admin password change flaw

Cybersecurity Threat Advisory: Critical Fortinet admin password change flaw

Fortinet has recently addressed a critical vulnerability in its FortiSwitch products, identified as CVE-2024-48887, with a CVSS score of 9.3. This “unverified password change” flaw allows remote, unauthenticated attackers to modify administrator passwords through specially crafted requests to the FortiSwitch...

/ April 16, 2025
Cybersecurity 2025
Cybersecurity 2025 trends: GenAI and supply chains top of the threat list

Cybersecurity 2025 trends: GenAI and supply chains top of the threat list

It is hard to believe that we are now over three months into 2025. With Q1 in the books, we have approached the one-third of the year mark. This is a good time to pause and survey stakeholders and cybersecurity...

/ April 15, 2025
Automated Threat Response (ATR) for firewalls
Automated Threat Response (ATR) for firewalls

Automated Threat Response (ATR) for firewalls

In the last 12 months, Barracuda Managed XDR’s Automated Threat Response (ATR) for firewalls prevented thousands of potentially serious attacks against customers. It does so by correlating advanced threat intelligence and other tools, such as AI and machine learning to...

/ April 14, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical CrushFTP vulnerability

Cybersecurity Threat Advisory: Critical CrushFTP vulnerability

A critical CrushFTP, CVE-2025-2825, with a CVSS score of 9.8, flaw has been discovered. It enables attackers to bypass authentication on CrushFTP servers, posing a high-severity risk to corporate environments. Continue reading this Cybersecurity Threat Advisory for details on how...

/ April 10, 2025