Category: Security
Zero-day attacks wreak havoc on notable targets
Some major brands have been rocked by zero-day attacks and vulnerability discoveries in recent weeks. A popular plug-in for WordPress is the subject of a zero-day vulnerability that may expose more than 700,000 sites to malicious exploit. The WordPress File...
Cybersecurity Threat Advisory: Increased Attack Activity of Trickbot Variant
Advisory Overview The SKOUT Security Operations Center has recently observed an uptick in attack activity involving an emerging Trickbot variant known as Bazar Backdoor. Trickbot is a banking trojan and information stealer that has evolved over the years to fill...
Managing data sprawl
As a managed service provider (MSP), data is one of the many things we are responsible for. However, the shift to remote working, followed by partial staff returns to the office, with the possibility of workforces heading back home again...
Cybersecurity best practices for back-to-school 2020
Hackers have been exploiting weaknesses in school networks as campuses reopen in varying degrees during the pandemic. Schools of all sizes, though, are finding out what a threat hackers can pose to the educational process. The superintendent of the Valparaiso...
Ask an MSP Expert: Should I outsource my cybersecurity?
Q: Our MSP is known for its robust and affordable cybersecurity. I’ve heard, however, that MSPs should outsource their own cybersecurity. What are your thoughts? MSPs have recently suffered a spate of cybersecurity glitches that have cast a spotlight on...
Cybersecurity Threat Advisory: Zerologon Attack Targeting Windows Servers
Advisory Overview A critical vulnerability has been discovered which affects potentially all Windows domain controllers and can allow an unauthenticated attacker on the network to take control of an Active Directory domain controller at will. This can allow the attacker...
Hackers join the back to school rush
Around the world, workers are dealing with the new reality of having their offices at home. But professionals aren’t the only ones needing to adapt to being at home for the long haul; students are too. And MSPs and IT...
Cybersecurity Threat Advisory: Microsoft’s Patch Critical RCE Flaws
Advisory Overview Several Remote Code Execution (RCE) security flaws were announced in Microsoft’s patch Tuesday; 129 security bugs to be exact. As remote work increases, the need for RCE security increases and at an overwhelming rate. A strong mitigation tactic...
Cybersecurity Threat Advisory: Palo Alto Buffer Overflow Vulnerability (CVE-2020-2040)
Advisory Overview Palo Alto has released a patch for a buffer overflow remote code execution (RCE) vulnerability for their PAN-OS 8.1, 9.0, and 9.1 versions. The vulnerability can allow threat actors to bypass Multi-Factor Authentication (MFA) and execute potentially malicious...
Cybersecurity Threat Advisory: (DVMRP) Vulnerability Found in Cisco IOS XR
Advisory Overview A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. A successful exploit by such an attacker could...
