Category: Security
Cybersecurity Threat Advisory: Fortinet FortiOS buffer overflow vulnerability
Fortinet disclosed a FortiOS operating system vulnerability, CVE-2025-24477, which has a CVSS score of 4.0. This vulnerability enables an authorized attacker to execute arbitrary code or commands to escalate privileges. Review the details of this Cybersecurity Threat Advisory to protect...
Cloud success: The critical role MSPs play
After more than a decade of using cloud computing services, many organizations are still struggling to justify a return on investment (ROI). A survey of 350 senior IT leaders in the U.S finds that more than three-quarters (78 percent) admit finding it...
Cybersecurity Threat Advisory: Cisco Unified CM backdoor account removal
Cisco removed a backdoor account from its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME), tracked as CVE-2025-20309. This critical vulnerability, with a CVSS score of 10, enabled unauthorized remote access to unpatched...
Navigating endpoint security: The role of MSPs
According to Verizon’s 2025 Data Breach Investigations Report, more than two-thirds of breaches involve endpoints. Some eye-catching endpoint security statistics include: About 88 percent of breaches reported involving endpoints involved the use of stolen credentials. Thirty percent of compromised systems...
The SOC case files: XDR contains two nearly identical attacks leveraging ScreenConnect
Take a look at this edition of ‘The SOC case files’ to see how Barracuda’s Managed XDR team recently helped two companies mitigate incidents where attackers compromised computers and install rogue ScreenConnect remote management software. The incidents were neutralized before...
AWS sets higher standard for MSSP partners
Amazon Web Services (AWS) is raising the bar for managed security services providers (MSSPs) by adding a range of specialized certification requirements. An update to the AWS MSSP Competency program introduces specific categories, including infrastructure security, workload security, application security,...
Cybersecurity Threat Advisory: Zero-day Chrome vulnerability
Google has patched a high-severity zero-day vulnerability, tracked as CVE-2025-6554 with a CVSS score of 8.1, in Chrome’s V8 engine that allows attackers to execute arbitrary code via a crafted HTML page. Review the details of this Cybersecurity Threat Advisory...
MSPs: Unmask 2025’s stealthiest email threats and fortify client defenses
Managed Services Providers (MSPs) stand on the front lines of cybersecurity, and with email-based attacks continuing to surge in volume and sophistication, your role in protecting clients has never been more critical. Email remains the primary conduit for most cyber...
Cybersecurity Threat Advisory: Severe WebDAV vulnerability
Microsoft has disclosed a serious zero-day vulnerability in the Web Distributed Authoring and Versioning (WebDAV) protocol, identified as CVE-2025-33053, with a CVSS score of 8.8. Actively exploited by the Stealth Falcon APT group, this vulnerability enables remote code execution (RCE)...
Close hidden security gaps with Barracuda Managed Vulnerability Security
We are excited to announce the launch of Barracuda Managed Vulnerability Security. This is a fully managed vulnerability scanning service that extends the BarracudaONE platform and is backed by Barracuda’s global, award-winning security operations center (SOC). Barracuda Managed Vulnerability Security scans for...
