Category: Security
Cybersecurity Threat Advisory: BulletProofLink Phishing-as-a-Service (PhaaS) Campaign
Threat Update Microsoft recently released the results and analysis from its deep dive into BulletProofLink, a large-scale phishing-as-a-service (PHaaS) operation that follows a software-as-a-service (SaaS) business model. This model allows threat actors to purchase phishing kits and email templates in...
Cybersecurity Threat Advisory: AWS Workspaces Remote Code Execution
Threat Update Rhino Security Labs has discovered a vulnerability in the AWS WorkSpaces desktop client, tracked as CVE-2021-38112, which allows commands to be executed if a victim opens a malicious WorkSpaces URI from their browser. Since the report’s release, Amazon...
Cybersecurity Threat Advisory: Office 365 Zero-Day Attacks
Microsoft has released a mitigation for a vulnerability which exists on Windows 10 and can be exploited to launch zero-day attacks against Office 365 and Office 2019. Identified as CVE-2021-40444, this vulnerability could allow attackers to execute arbitrary code on...
Tech Time Warp: Swen worm poses as security patch
The hits for network admins kept coming in late summer/early fall 2003. Just weeks after the Blaster-Welchia-SoBig.F triple punch, the Swen worm wriggled its way onto at least 1.5 million computers. Like so many other pieces of malware, Swen exploited...
Cybersecurity implications of PIPL
Idyllic fields of corn and soybeans spread out in all directions from a small midwestern manufacturing campus. Tucked within a town of around 20,000 people, the facility seems worlds away. But a recent data breach on the company’s servers illustrates...
MSPs need to keep an eye on “soft targets”
I talk to MSP owners weekly about cybersecurity trends in the industry and which trends are the most troubling. By far, what I hear about most in 2021 is ransomware. And the statistics bear out the fear of ransomware hitting...
Cybersecurity Threat Advisory: Malicious Word Files Disguised as Windows 11 Documentation
Threat Update Security researchers have discovered recent attempts by threat actors to infect machines with malicious Word documents containing VBA macros and JavaScript to plant a backdoor and create persistence. These Word documents are disguised as documentation or information related...
The PT BUZZ Podcast: Tips for ransomware protection
PT Services is excited to kick off a new podcast series called the PT Buzz. Over the next few months, we’ll be checking in with different subject matter experts from Barracuda MSP, as we take a deeper dive into issues...
Cybersecurity dangers when a business closes
Most MSPs are banking on their clients staying in business and hoping for a long, fruitful partnership based on delivered value and shared needs. But businesses do fail, and lurking within the ruins of a wrecked business are cybersecurity dangers...
Cybersecurity threat advisory: Lockbit ransomware on the rise
Global consulting firm Accenture was recently hit by a ransomware attack that was allegedly carried by the ransomware group, LockBit. In response, SKOUT Managed XDR (now a Barracuda offering) has updated their threat intelligence to include key indicators of compromised...
