Category: Security
Threat Spotlight: The evolving use of QR codes in phishing attacks
QR code phishing, also known as quishing, is a type of social engineering attack. Cybercriminals try to trick victims into using the camera on their mobile phone to scan a QR code that goes to a malicious website to steal sensitive...
Cybersecurity Awareness Month is an opportunity to recommit to training
The core of Cybersecurity Awareness Month is in its name: Awareness. Experts agree that user training is the most effective and cost-efficient way to raise awareness and deter cyberattacks. Key statistics from SANS Institute’s 2024 annual cybersecurity awareness report reinforce this...
Cybersecurity Threat Advisory: Windows Kernel vulnerability used in espionage campaign
Researchers have observed the well-known cyber espionage group OilRig exploiting a now-patched privilege escalation vulnerability (CVE-2024-30088) in the Windows Kernel to conduct espionage operations. Read this Cybersecurity Threat Advisory to learn more about the espionage campaign and how to avoid...
Cybersecurity Threat Advisory: Mozilla Firefox zero-day vulnerability
A Mozilla Firefox critical zero-day vulnerability, CVE-2024-9680, has emerged. This vulnerability allows an attacker to have unauthorized access and potential remote code execution on the affected OS. Continue reading this Cybersecurity Threat Advisory for recommendations to remediate this threat. What...
Cybersecurity Threat Advisory: Critical Ivanti CSA flaw actively exploited
Three Ivanti Cloud Service Appliance (CSA) vulnerabilities are being exploited and weaponized in the wild. Read this Cybersecurity Threat Advisory to learn how you can mitigate your risk of being targeted. What is the threat? The Ivanti CSA vulnerabilities, catalogued...
What we can learn from top tech advice we never listen to
October 2024 marks the 21st Cybersecurity Awareness Month – four weeks of themed activity designed to raise awareness of cybersecurity and the importance of staying safe online. For 21 years, this annual event has exhorted people and businesses to take steps such...
Tip Tuesday: Spot the phish this Cybersecurity Awareness Month
October is Cybersecurity Awareness Month, making it an ideal time for managed service providers (MSPs) to educate their clients about phishing threats. Most people log into various online accounts daily, never considering that cybercriminals may try to trick them into...
Cybersecurity roadmap: How MSPs can guide customers through the risk landscape
As cyber threats evolve and proliferate business systems, managed security providers (MSPs) are vital in helping businesses counter attacks by adopting a comprehensive strategy for risk mitigation. This includes preparation, response, and recovery, while also understanding the organization’s cybersecurity risk...
Cybersecurity Threat Advisory: ‘Salt Typhoon’ causing damage in North America
Salt Typhoon, a highly sophisticated Chinese hacking group, has breached significant sectors in North America and Southeast Asia. Continue reading this Cybersecurity Threat Advisory to learn more about this notorious group and how to prevent your organization to become the...