Category: Security
Cybersecurity Threat Advisory: Cisco Releases Patches for Multiple Security Vulnerabilities
Threat Update Cisco has provided fixes for multiple security vulnerabilities varying from medium to critical severity, which an unauthenticated attacker could exploit. Cisco Small Business RV340, RV340W, RV345, RV345P Dual WAN Gigabit, RV160, RV160W, RV260, RV260P, and RV260W VPN routers...
Gone fishin’: Prime time for a cyberattack
With a seemingly sudden rash of successful ransomware attacks in recent months, it didn’t surprise some cybersecurity experts warning about the next cyberattack event. “When I first heard about the ransomware wave, I looked at the calendar and said `oh...
Spear phishing report: Attackers’ evolving tactics and targets
As cybercriminals adjust who they’re targeting most, all employees, not just top executives, need to be prepared for spear phishing attacks. Between May 2020 and June 2021, Barracuda researchers analyzed more than 12 million cyberattacks impacting more than 3 million...
Cybersecurity Threat Advisory: Root Access by Way of Linux Kernel Bug
Threat Update Qualys’ research team has discovered a pair of vulnerabilities in the Linux operating system. While one is a local privilege escalation (LPE) vulnerability, the other vulnerability is a stack exhaustion denial-of-service (DOS) vulnerability in the system. Both of...
Improper disposal of connected devices creates cybersecurity threat
Most companies are constantly refreshing their computers as technologies change, needs evolve, and security upgrades occur. As a result, there could be a cybersecurity threat collecting dust in a closet, or perhaps on its way to a dumpster. Furthermore, with...
Cybersecurity Threat Advisory: Ransomware Targets Unpatched, End-of-Life SonicWall Firmware
Threat Update A ransomware campaign using stolen credentials is actively targeting networking device maker SonicWall’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. The exploitation targets a known vulnerability...
Cybersecurity Threat Advisory: Patch for FortiManager and FortiAnalyzer Vulnerability
Threat Update A patch has been released by Fortinet for their FortiManager & FortiAnalyzer platforms. This critical patch resolves a Use After Free vulnerability (CWE-416) that allowed attackers to execute code as administrators on the targeted device. SKOUT recommends that...
IoT is exposing networks to cybersecurity vulnerabilities
Businesses that have been fortifying their computers against ransomware and other threats could be overlooking additional vulnerabilities within their ecosystem. While the office computers may be as secure as Fort Knox, IoT devices such as the copier, scanner, digital signage,...
Cybersecurity Threat Advisory: Windows Print Spooler Elevation of Privilege Vulnerability
Threat Update Last week, SKOUT released a security advisory regarding the “PrintNightmare” Zero-Day vulnerability exploited via the Windows Print Spooler service. This past weekend, on July 16th, Microsoft identified another vulnerability within the Print Spooler service that allows for local...
Podcast: Colonial Pipeline hack and the Executive Order, Episode 7
In the previous episode of the SmarterMSP Podcast, Jason Howells of Barracuda MSP summarized the insights from Global MSP Day, which took place in May 2021. Jason detailed many interesting trends within the “Evolving Landscape of the MSP Business Report...
