Category: Security
Fileless malware is here to stay
With the focus on coronavirus, cybersecurity professionals can’t lose sight of virtual viruses. Just as biologically based threats evolve, so do virtual ones. For years, MSPs and cybersecurity experts devised defenses to intercept suspicious attachments harboring dangerous payloads. The attacks weren’t...
Protecting remote employees in the time of Coronavirus
With the growing concern over the spread of coronavirus, also known as COVID-19, there are a growing number of school closures and companies are encouraging employees to work from home when possible. Bloomberg cited that approximately 29 percent of the...
Cybersecurity Threat Advisory: ManageEngine RCE (CVE-2020-10189)
Advisory Overview Zoho ManageEngine Desktop Central is vulnerable to Remote Code Execution (RCE). The vulnerability could potentially allow an attacker to execute arbitrary code as SYSTEM or root, without the need for authentication. SKOUT recommends updating ManageEngine Desktop Central to...
New chip flaws could create more headaches for MSPs
We saw two chip flaws emerge last week affecting both Intel and AMD. The problem with these particular flaws is that they are built into the chip architecture, which makes them challenging to patch. This isn’t the first time we’ve...
Tech Time Warp: MyLife virus tempts users with screensavers
Sometimes a computer user gets tired of flying toasters. That was the gamble taken by the creators of MyLife, a worm with multiple variants infecting PCs in March and April 2002.
Cybersecurity Threat Advisory: ZyXEL NAS RCE Vulnerability (CVE-2020-9054)
Advisory Overview Several ZyXEL NAS devices are vulnerable to Remote Code Execution (RCE). The vulnerability could potentially allow an attacker to execute remote commands as root. A patch has been released, but many devices are at an end of life...
Staying ahead of social engineering attacks
According to Verizon’s 2018 Data Breach Investigations Report, social engineering represents 93 percent of email breaches. While social engineering and spear phishing attacks have malicious intent to get something from the user, they are built differently from other attacks. They...
Cybersecurity at home: The growing residential MSP market
MSPs have been dipping their big toe in the residential managed services water for years. However, the convergence of value, customer convenience, and margins still hasn’t happened on a large scale. The global managed services market size is expected to...
Cybersecurity Threat Advisory: Coronavirus Related Phishing Campaigns
Advisory Overview There has been a rise in phishing campaigns related to Coronavirus. The campaigns vary in exact messaging, but many have imitated the World Health Organization or HR departments issuing warnings and work-from-home guidelines. SKOUT advises taking extra precaution...
Cybersecurity Threat Advisory: Remote Code Execution on Microsoft Exchange Server
Advisory Overview All unpatched versions of Microsoft Exchange Server are vulnerable to a remote code execution bug. The attack requires successful authentication to an Exchange Server. Attackers are scanning the internet for unpatched servers and attempting to authenticate with leaked...
