Category: Security
How work from home is transforming cybersecurity
The pandemic crisis of 2020 will go down as one of the most significant upheavals to the workplace since the industrial revolution. What we don’t yet know is what the long-term impact will be. If a coronavirus vaccine is developed...
Cybersecurity Threat Advisory: VMware Cloud Director Flaws (CVE 2020-3956)
Advisory Overview VMware Cloud Director is potentially vulnerable to a remote code injection attack that would allow an attacker to view/modify databases and escalate privileges from organizational admin to system admin. SKOUT advises updating VMware Cloud Director to version 10.1.0...
Threat Spotlight: Form-based attacks
A new type of brand impersonation attack is disproportionately using Google-branded sites to trick victims into sharing login credentials. Making up 4 percent of all spear phishing attacks in the first four months of 2020, Barracuda researchers have seen steady detections through...
Cybersecurity takeaways from the pandemic
It’s been about two months, and there has been a seismic shift in cybersecurity and the workforce in general. Work-from-home was always a long pondered goal of environmentalists and sociologists, but for many it has remained only in the realm...
Cybersecurity Threat Advisory: SAP Adaptive Server Enterprise Vulnerabilities
Advisory Overview Six critical vulnerabilities were recently disclosed in SAP Adaptive Server Enterprise that could allow hackers to execute arbitrary code, expose passwords, and elevate privileges. SKOUT recommends updating SAP ASE to the latest version. Technical detail and additional information...
Cybersecurity Threat Advisory: ConnectWise Automate Security Vulnerability
Advisory Overview ConnectWise issued a warning to its MSP customers about a security vulnerability found in Automate, a remote management platform, in which the API can be used by a remote user to make modifications to the Automate instance. Technical...
Restaurants, MSPs, and the post-pandemic world
“Would you like to supersize that?” Ah, remember the days when that was a simple question about the size of your fries or soda? Now, that question is fraught with cybersecurity issues that can lead to supersized cybersecurity issues.
Cybersecurity Threat Advisory: Microsoft Releases Patch for Critical Vulnerability SMBleed
Advisory Overview Microsoft has released a patch for a critical vulnerability affecting Server Message Block (SMB) protocol. This new vulnerability can be exploited to allow an attacker to leak information from kernel memory remotely and can be combined with additional...
Five emerging cybersecurity trends mid-way through 2020
As we approach the halfway point of 2020 (yes, hard to believe), this is an excellent time to look at the cybersecurity landscape to see what trends have emerged and how you can position your cybersecurity offerings for the remainder...
Cybersecurity Threat Advisory: Exim Mail Transfer Agent Actively Exploited by Russian
Advisory Overview According the NSA, Russian military cyber actors have been exploiting a vulnerability in Exim mail transfer agent (MTA) software in Unix-based systems. The vulnerability could allow hackers to execute commands with root privileges. SKOUT recommends updating Exim to...
