Category: Security

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Citrix Vulnerabilities Affecting ADC, Gateway, and SD-WAN

Cybersecurity Threat Advisory: Citrix Vulnerabilities Affecting ADC, Gateway, and SD-WAN

Advisory Overview Citrix has issued a security patch for multiple gateway devices that were found to have security flaws. These security issues are reportedly unrelated to the previously released CVE-2019-19781. SKOUT advises updating any affected devices to the latest version....

/ July 10, 2020
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Spear-Phishing Campaign Spreading Hakbit Ransomware

Cybersecurity Threat Advisory: Spear-Phishing Campaign Spreading Hakbit Ransomware

Advisory Overview A spear-phishing campaign targeting various industries is utilizing malicious Microsoft Excel attachments to infect users with the “GuLoader” backdoor trojan. The threat actors then proceed to use GuLoader to download “Hakbit” ransomware onto the infected device. Recommendations to...

/ July 9, 2020
Summer cybersecurity dangers

Summer cybersecurity dangers

In simpler times, some businesses would literally hang a sign on their door each summer saying “Gone Fishin’” and close for two weeks. In today’s world, hackers might as well hang a sign on their door in summer that says...

/ July 9, 2020
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: F5 Critical Vulnerability Exploited in Wild (CVE-2020-5902)

Cybersecurity Threat Advisory: F5 Critical Vulnerability Exploited in Wild (CVE-2020-5902)

Advisory Overview A Remote Code Execution (RCE) vulnerability exists in the BIG-IP application delivery controller (ADC) software’s Traffic Management User Interface (TMUI). The vulnerability could allow an attacker to execute remote commands or arbitrary code without the need for authentication,...

/ July 7, 2020
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Ripple20 Vulnerabilities

Cybersecurity Threat Advisory: Ripple20 Vulnerabilities

Advisory Overview A series of nineteen vulnerabilities dubbed “Ripple20” have been identified in a large number of devices spanning multiple vendors and industries involving a widely used low-level TCP/IP software library developed by Treck, Inc. Exploited devices risk remote code...

/ July 2, 2020
Don’t ignore the basics: Pandemic patching and other musts for MSPs

Don’t ignore the basics: Pandemic patching and other musts for MSPs

Business models have been put into a blender and pulsed and pureed since the arrival of COVID-19 earlier this year. The resulting workplace environment has been unrecognizable in many cases with workforces hunkered down at home, businesses shuttered, and security teams...

/ July 2, 2020
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Palo Alto Networks Vulnerability

Cybersecurity Threat Advisory: Palo Alto Networks Vulnerability

Advisory Overview Palo Alto Networks disclosed a critical vulnerability all next-generation firewalls running certain versions of PAN-OS that could allow an attacker to bypass authentication. SKOUT recommends upgrading PAN-OS to a fixed version. Full recommendations and links are available below....

/ June 29, 2020
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco WebEx Vulnerability (CVE-2020-3347)

Cybersecurity Threat Advisory: Cisco WebEx Vulnerability (CVE-2020-3347)

Advisory Overview A vulnerability was recently reported in the Cisco WebEx Meetings Desktop App for Windows releases earlier than 40.4.12 and 40.6.0 that could allow an attacker to gain access to sensitive information such as usernames, authentication tokens, and meeting...

/ June 29, 2020
Q&A: The ‘Best Security Offering’ for MSPs in 2020

Q&A: The ‘Best Security Offering’ for MSPs in 2020

The evolving cyberthreat landscape has made security the top priority for businesses of all sizes. More than ever, it has become imperative for MSPs to incorporate managed security service offerings in their portfolio to continue to succeed and differentiate themselves...

/ June 29, 2020
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SolarWinds RMM Vulnerability

Cybersecurity Threat Advisory: SolarWinds RMM Vulnerability

Advisory Overview SolarWinds RMM has identified a vulnerability in versions 10.8.8 and earlier that could allow an attacker to target all devices running the Advanced Monitoring Agent. The attack could allow an attacker to download malware, modify data, and delete...

/ June 25, 2020