Category: Security
The cloud-breaching headlines keep piling up
The cloud has been victim to several high-profile breaches in recent weeks. The latest involves Pharmaceutical giant Pfizer, which suffered a significant breach of unsecured cloud data. According to Security Boulevard: The exposed data, including email addresses, home addresses, full...
Seven key ways to defend a network from fatal DDoS attacks
Distributed Denial of Service Attacks (DDoS) are much different than what they used to be. In the past, DDoS attacks involved sending as much traffic and data as possible to a network or server, with the idea of overwhelming it...
Ask an MSP Expert: MSPs and November elections
No matter what happens on Election Day in the USA, it will ripple through the MSP ecosystem. All significant events tend to bring out the cybercriminals, and 2020 has been a bonanza for the bad guys. According to a Forbes...
Cybersecurity Threat Advisory: Ryuk Ransomware Activities Overview
Advisory Overview The SKOUT Security Operation Center is closely following the increase of ransomware activity targeting the healthcare sector. Threat actors are infecting critical healthcare providers/facilities networks with the ransomware variant, Ryuk. A successful attack could disable critical healthcare infrastructure...
Email threat types: Domain Impersonation
Domain impersonation, also known as typosquatting, is often used as part of a conversation hijacking attempt. Attackers target legitimate domains, such as Barracudamsp.com, by creating domains that appear similar. Such a domain might be accessed by a user typing the...
Tech Time Warp: Credit card companies put PCI compliance in place
We were headed toward a nearly cashless society anyway, but the COVID-19 pandemic and the rise of “contactless” transactions is likely the final push over the edge. Every time you place a takeout order via a mobile app, you’re putting...
Cybersecurity Threat Advisory: Cisco Webex Teams for Windows DLL Hijacking
Advisory Overview A vulnerability has been discovered which affects the Cisco Webex Teams client for Windows which can allow an authenticated, local attacker to execute arbitrary code at potentially increased privilege through DLL hijacking. This can allow an attacker to...
MSPs and election cybersecurity
MSPs have emerged as central players in the democracy machinery. And after a rash of recent attacks on MSPs, some worry that MSPs may face a new challenge in election cybersecurity for the United States’ upcoming Presidential elections. Tim Davis,...
Email threat types: Data exfiltration
Data exfiltration, sometimes referred to as data theft, is the unauthorized transfer of data from your computer, network, or other devices. The stolen data is transferred from the victim to a control server or some other device that is controlled...
The Creeper and the Reaper make cybersecurity history
“I’M THE CREEPER. CATCH ME IF YOU CAN.” This eerie message is the equivalent of “hello, world!” in cybersecurity history. In 1971, Bob Thomas, an engineer at BBN Technologies in Cambridge, Massachusetts, developed the first computer worm, dubbed the “Creeper.”
