Category: Security
Cybersecurity Threat Advisory: Palo Alto Networks Vulnerability
Advisory Overview Palo Alto Networks disclosed a critical vulnerability all next-generation firewalls running certain versions of PAN-OS that could allow an attacker to bypass authentication. SKOUT recommends upgrading PAN-OS to a fixed version. Full recommendations and links are available below....
Cybersecurity Threat Advisory: Cisco WebEx Vulnerability (CVE-2020-3347)
Advisory Overview A vulnerability was recently reported in the Cisco WebEx Meetings Desktop App for Windows releases earlier than 40.4.12 and 40.6.0 that could allow an attacker to gain access to sensitive information such as usernames, authentication tokens, and meeting...
Q&A: The ‘Best Security Offering’ for MSPs in 2020
The evolving cyberthreat landscape has made security the top priority for businesses of all sizes. More than ever, it has become imperative for MSPs to incorporate managed security service offerings in their portfolio to continue to succeed and differentiate themselves...
Cybersecurity Threat Advisory: SolarWinds RMM Vulnerability
Advisory Overview SolarWinds RMM has identified a vulnerability in versions 10.8.8 and earlier that could allow an attacker to target all devices running the Advanced Monitoring Agent. The attack could allow an attacker to download malware, modify data, and delete...
How work from home is transforming cybersecurity
The pandemic crisis of 2020 will go down as one of the most significant upheavals to the workplace since the industrial revolution. What we don’t yet know is what the long-term impact will be. If a coronavirus vaccine is developed...
Cybersecurity Threat Advisory: VMware Cloud Director Flaws (CVE 2020-3956)
Advisory Overview VMware Cloud Director is potentially vulnerable to a remote code injection attack that would allow an attacker to view/modify databases and escalate privileges from organizational admin to system admin. SKOUT advises updating VMware Cloud Director to version 10.1.0...
Threat Spotlight: Form-based attacks
A new type of brand impersonation attack is disproportionately using Google-branded sites to trick victims into sharing login credentials. Making up 4 percent of all spear phishing attacks in the first four months of 2020, Barracuda researchers have seen steady detections through...
Cybersecurity takeaways from the pandemic
It’s been about two months, and there has been a seismic shift in cybersecurity and the workforce in general. Work-from-home was always a long pondered goal of environmentalists and sociologists, but for many it has remained only in the realm...
Cybersecurity Threat Advisory: SAP Adaptive Server Enterprise Vulnerabilities
Advisory Overview Six critical vulnerabilities were recently disclosed in SAP Adaptive Server Enterprise that could allow hackers to execute arbitrary code, expose passwords, and elevate privileges. SKOUT recommends updating SAP ASE to the latest version. Technical detail and additional information...
Cybersecurity Threat Advisory: ConnectWise Automate Security Vulnerability
Advisory Overview ConnectWise issued a warning to its MSP customers about a security vulnerability found in Automate, a remote management platform, in which the API can be used by a remote user to make modifications to the Automate instance. Technical...
