Category: Security
Cybersecurity Threat Advisory: Critical VMware Vulnerabilities
Threat Update VMware has released an advisory detailing newly discovered vulnerabilities across multiple products, namely ESXI, vCenter Server and Cloud Foundation. The severity of these vulnerabilities varies but included among them is a remote code execution vulnerability that has received...
Partner Spotlight: MSP drives success with Email Threat Scanner
Founded in 2008 and headquartered in Indianapolis, Indiana, Resultant’s services offerings include management consulting, IT consulting, cybersecurity, email security data analytics, and project management for businesses and non-profits of all sizes and industries, as well as government agencies. Mark Creighton,...
MSPs can safeguard clients’ personal health information
MSPs are finding themselves with more and more PHI (personal health information) to safeguard. But how do you safeguard the safeguarding? As a journalist who covers the burgeoning med-tech space, I’ve witnessed first-hand some, at best, sloppy, and, at worst,...
Cybersecurity Threat Advisory: Oldsmar, Florida Water Treatment Facility Compromised
Threat Update A water treatment facility in Oldsmar, Florida had their SCADA systems breached by an unidentified hacker. The hacker attempted to modify chemical levels to effectively poison the local water supply. The hacker’s intrusion was swiftly detected and contained...
Beware familiarity blindness
Phishing continues to dominate security discussions as 2021 unfolds. According to Security Boulevard: “By mid-2020, SlashNext Threat Labs saw the number of daily phishing threats top 25,000 a day, a 30 percent increase over 2019 figures. By fall, the number...
Cybersecurity Threat Advisory: Critical VMWare ESXi Vulnerabilities Exploited
Threat Update There are two critical remote code execution vulnerabilities (CVE-2019-5544 and CVE-2020-3992) within VMWare ESXi which allow attackers to effectively gain control of a virtual machine (VM), deploy ransomware, and encrypt ESXi virtual disk drives. These vulnerabilities are reported...
Hit by ransomware, a second time?
Sometimes it is easy to overlook the obvious when distracted by the meltdown of the moment. Still, MSPs and other security stakeholders need to take a holistic view when something happens. Often, an MSP may be so concerned – understandably...
Cybersecurity Threat Advisory: Apple iOS Zero-Day Vulnerabilities Exploited in Wild
Threat Update Apple has announced that they have learned of three zero-day vulnerabilities affecting their iOS operating system. One of the vulnerabilities (CVE-2021-1782) affects the system kernel, allowing for privilege escalation; while the other two (CVE-2021-1870, CVE-2021-1871) are present within...
Cybersecurity Threat Advisory: Threat Actors Abusing Windows RDP Servers
Threat Update The RDP service for Windows devices operating on UDP port 3389 can currently be used in an amplified attack resulting in the potential DDoS of a target. A system which is either involved in or the target of...
Cybersecurity Threat Advisory: Updates on Global Intrusion Campaign
Threat Update Government and private sector organizations are constantly releasing updates on all manner of topics relating to the SolarWinds Orion compromise. In this article, we have detailed recently released information related to the incident. Technical Detail & Additional Information...
