Category: Security
Cybersecurity Threat Advisory: Jenkins UDP DDoS Attack (CVE 2020-2100)
Advisory Overview Jenkins is an open source automation server used to build, test and deploy software projects. Attackers are rendering two services that are enabled by default in Jenkins (UDP multicast/broadcast and DNS multicast) unusable with Distributed Denial of Service...
Tech Time Warp: The arrest of hacker Kevin Mitnick
The story of the man who calls himself the “world’s most famous hacker” contains a moral: It’s often the human element, not the high-tech, that allows intrusion into the most secure of systems — and allows hackers to exist in...
Threat of toll fraud emerges
MSPs have an increasing amount of cyber turf to defend with the rapid proliferation of IoT devices and interconnected networks. Add to the mix the arsenal of weapons the bad guys have, and an MSP could be forgiven for overlooking...
Cybersecurity Threat Advisory: Cisco Firepower Management Center Vulnerability
Advisory Overview Security researchers discovered a critical flaw in the web interface of the Cisco Firepower management center (FMC). Cisco Firepower management center is a platform for managing Cisco network security solutions such as firewalls, application control, intrusion prevention, URL...
Ask an MSP Expert: How can I make sure my customers are secure online?
Q: One of my customers recently fell victim to a suspicious download from a fraudulent website. How can I prevent this in the future? Attacks through websites are not uncommon. As cybercriminals become more sophisticated with attack vectors such as drive-by downloads and malvertising,...
Tech Time Warp: The 2005 Academy Awards phone hack
When Hollywood’s elite stroll the red carpet at the 92nd Academy Awards on February 9, they’ll need to watch out for flashing cameras, Ryan Seacrest, and… hackers? It’s happened before.
Conversation hijacking emerges as a cybersecurity threat
Recent research by Barracuda Networks highlights the growing dangers of “conversation hijacking.” According to the research, an analysis of approximately 500,000 monthly email attacks shows a 400 percent increase in these types of attacks. There were approximately 500 incidents in...
Cybersecurity Threat Advisory: RCE in OpenSMTPD library (CVE-2020-7247)
Advisory Overview There is a critical remote code execution vulnerability in the OpenSMTPD library, impacting BSD and Linux Distros. Exploitation could allow an attacker to execute commands as root. A link to the patch is included in the recommendation section...
Cybersecurity attacks on MSPs begin to shake customer confidence
The interest in managed security services is on the rise. However, it turns out that it’s not only becoming more difficult to deliver those services, customers of managed security service providers (MSSPs) are also becoming less satisfied. Dark Cubed, a...
Cybersecurity Threat Advisory: Iranian Hacking Campaign Targets European Energy Company
Advisory Overview Researchers have reported increased cyber activity within the European energy sector by a high-profile hacking group. The increased activity is possibly linked to Iranian state sponsored attacks. The hackers conducted cyber espionage and gained remote access using the...
