Category: Security
DDoS “celebrates” 25th anniversary with a spike
The first documented widespread distributed denial-of-service (DDoS) attack occurred in 1996 when New York City-based internet provider, Panix, was attacked. The New York Times described it: Beginning Sept. 6 and continuing through at least last Tuesday, a hacker intent on shutting...
Cybersecurity Threat Advisory: Critical Flaws in SD-WAN vManage and HyperFlex Fixed by Cisco
Threat Update Cisco has released patches to address flaws in their SD-WAN vManage and HyperFlex HX software that could allow unauthenticated users create admin accounts as a root user. Threat actors could utilize these flaws, if unpatched, to gain access...
Cybersecurity Threat Advisory: Many Email Servers Impacted by 21Nails Vulnerabilities
Threat Update Developers behind Exim, a highly adopted mail transfer agent (MTA) solution have released a path to resolve 21 vulnerabilities. The developers have pushed this patch out in order to prevent threat actors from taking over servers using multiple...
Podcast: Adding ZTNA to your MSP’s security stack, Episode 4
In Episode 3 of the SmarterMSP Podcast, we discussed common MSP website mistakes that can hurt the sales efforts of service providers. In our latest episode, we turned our focus to managed security services, including zero-trust network access (ZTNA), which is...
Barracuda cited as leader in enterprise email security
Barracuda was among the companies invited to participate in The Forrester Wave™: Enterprise Email Security, Q2 2021. In this evaluation, Barracuda was cited as a Leader in the category. The Forrester Wave™: Enterprise Email Security, Q2 2021 is a guide...
Five cybersecurity mistakes MSPs are making in 2021
Over the years, the MSP business has evolved, but in most cases, it was still relatively “formulaic.” For example, there was a process and a protocol for ferreting out security issues, that stayed pretty much the same from MSP to...
Cybersecurity Threat Advisory: Pulse Secure Zero-Day Authentication Bypass
Threat Update A zero-day vulnerability has been discovered in Pulse Secure VPN appliances and has resulted in the compromise of several U.S governmental organizations and agencies. This vulnerability allows an attacker to bypass multi-factor authentication by modifying legitimate Pulse Secure...
Ask an MSP Expert: The 3 pillars of a security-centric approach
In today’s evolving cyberthreat landscape, it is vital for managed service providers (MSPs) to take a security-centric approach to their business. Highlighting the importance of this, but making it even more challenging, is today’s climate of remote workforces, shifting perimeters,...
Cybersecurity Threat Advisory: Windows RPC Protocol RemotePotato0 Exploit
Threat Update A new privilege escalation vulnerability has been discovered inside of the Windows RPC protocol. This vulnerability, known as RemotePotato0, is a NTLM relay attack which could allow attackers to escalate their privileges from a normal User all the...
Healthcare is one of the most vulnerable verticals in 2021
Hackers view personal healthcare information as the holy grail of data, mining this data in exchange for currency on the dark web. HealthTech sounded this alarm in April of this year: As the attacks mature and get increasingly sophisticated, healthcare...
