Category: Security
MSPs must be wary of insider threats
Insider threats comprise some of the most challenging cybersecurity terrain for businesses. Insider threats generally fall into one of two “buckets.” There’s the well-meaning but negligent employee who leaves an unsecured laptop on the train, opens a WiFi hotspot in the...
Cybersecurity Threat Advisory 0021-21: 4/13/21 Microsoft Exchange Patches 2.0
Threat Update Due to the rise in targeted attacks on on-prem Microsoft Exchange servers, Microsoft, security vendors, and threat actors across the world have been looking for vulnerabilities within Microsoft Exchange services. This past Tuesday (4/13/2021), Microsoft has issued another...
Making sure your vendors are secure
We’ve all heard about major breaches and the cascading impact they can have across a variety of services. As an MSP, these upstream breaches are clearly out of your control, but you can and should be questioning whether the services...
Q&A: Ethical hacking and pen testing to protect against phishing
Phishing continues to be one of the biggest threats to network security, which has led to “ethical hacking” being used to protect against it. If you’re wondering why methods like ethical hacking and pen testing are necessary to stop phishing,...
Cybersecurity Threat Advisory: Critical VMware Carbon Black Cloud Vulnerability
Threat Update A critical vulnerability was recently discovered in the VMWare Carbon Black Workload appliance that could allow an attacker to take control of a vulnerable system. A successful exploit would give an attacker the ability to obtain a valid...
Cybersecurity Threat Advisory: ATPs Exploiting FortiOS Vulnerabilities
Threat Update The FBI and CISA released a joint cybersecurity advisory documenting that a number of APTs have been seen in the wild scanning for three FortiOS vulnerabilities (CVE-2018-13379, CVE-2019-5591 and CVE-2020-12812). These vulnerabilities, if exploited, can allow unauthorized remote...
A conversation about ransomware in 2021
The year 2021 continues to see a surge in ransomware as the world’s cyber ecosystem begins to ease into a post-pandemic phase. The education and healthcare sectors remain particularly vulnerable to ransomware as hackers attempt to squeeze more out of...
Ask an MSP Expert: How can I meet evolving cloud security needs?
Q: Many of my SMB customers have adopted cloud solutions as a result of their shift to operating with a remote workforce. How can my MSP maintain strong cloud security while keeping pace with this shift? According to a recent...
Tomorrow’s cybersecurity at today’s colleges
University students in 2021 have a worldview of cybersecurity that has been shaped by the pandemic and forged by immersion in technology from cradle to college. Smarter MSP recently caught up with Bilal Shebaro, an associate professor in the Department of...
Cybersecurity Threat Advisory: Purple Fox Rootkit
Threat Update The Purple Fox rootkit has recently improved propagation capabilities which makes it easier to spread through a network. This could make it easier for threat actors to steal data from or potentially infect compromised machines with other types...
