Category: Security
Tech Time Warp: Quite the Hotmail hack, eh?
You might not want to admit it, but you may still have a Hotmail account kicking around. Once your premier account—perhaps an upgrade from AOL—it may now be your throwaway address. Once, though, Hotmail was hip—and quite a target for...
Malware targeted Windows users in Q1 2020
A new security report released by AV-Test showed some startling, but not surprising, malware statistics. The key takeaway from the study: Computers that run Windows are most prone to attacks by hackers. The AV-Test report discovered that 114 million new pieces of...
Cybersecurity Threat Advisory: Major Vishing Campaign
Advisory Overview The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have recently issued a warning about the growing threat of “vishing” attacks against companies. Vishing (voice phishing) is a social engineering method that uses...
Cybersecurity Threat Advisory: FritzFrog P2P Botnet
Advisory Overview Researchers at Guardicore have identified a peer-to-peer (P2P) botnet, dubbed FritzFrog, brute-forcing SSH servers since January. Once breached, a worm is executed to run malicious payloads which can further expand the botnet by compromising additional devices as well...
MSPs must track HTML smuggling
While hackers are always experimenting and innovating to catch up with the latest cybersecurity advances, they are also not afraid to stick with the tried and true. Why? Because it works. Why spend a lot of time and money trying to...
Cybersecurity Threat Advisory: Team Viewer Vulnerability
Advisory Overview A vulnerability has been discovered in remote desktop connection application “TeamViewer” that can allow an attacker to steal the login information (username and hashed password) of a user. This can allow the attacker to crack the stolen password...
Municipal contracts and the cybersecurity data to land them
A recent note came to me from a Smarter MSP reader about municipal contracts, and what types of cybersecurity data should be used when trying to land municipal contracts. Assuming they are not the only one with questions on this...
Widespread cloud configuration issues create opportunity for MSPs
The crux of the problem with cloud security has very little to do with the platforms on which applications are deployed. The real issue is the amount of cybersecurity expertise the people deploying cloud applications don’t have. Most cloud applications...
Cybersecurity Threat Advisory: Two Microsoft Zero-Day Vulnerabilities
Advisory Overview Microsoft has addressed two zero-day vulnerabilities in this week’s rollout of security patches. One of the zero-day vulnerabilities could allow an attacker to bypass security features intended to prevent improperly signed files from being loaded; the other zero-day...
Cybersecurity Threat Advisory: Pulse Secure VPN Server Data Leak
Advisory Overview Over 900+ Pulse VPN servers were breached and had their data leaked online. The data includes plaintext username, passwords, IP addresses, user session cookies, administrator details and private encryption keys. Technical detail and additional information What is the...
