Category: Security
Survey shows strong need for external cloud expertise
A global survey of 1,000 technology practitioners and decision-makers conducted by Forrester Consulting on behalf of HashiCorp finds 43 percent plan to work more strategically with systems integrators, resellers, and consultants, to better manage their cloud computing environments. There is...
Cybersecurity view from an artificial intelligence optimist
2023 has been the year of generative AI. Will it transform cybersecurity as we know it? Or will the status quo prevail as a continual cat-and-mouse game between the cyber-good and the cyber-bad? SmarterMSP is talking to a variety of...
Cybersecurity Threat Advisory: New FortiNAC critical vulnerability update released
A critical remote code execution vulnerability (CVE-2023-33299) with a CVSS score of 9.6 has been discovered in Fortinet’s FortiNAC product. This vulnerability poses a significant risk as it could allow an unauthenticated user to execute unauthorized code or commands by...
Cybersecurity Threat Advisory: Command injection flaw in Zyxel NAS devices
Zyxel, a networking equipment manufacturer, has released urgent security updates to address critical vulnerabilities in their network-attached storage devices. CVE-2023-27992 (CVSS score: 9.8) has been declared as a pre-authentication command injection vulnerability. What is the threat? The threat involves multiple vulnerabilities...
Threat Spotlight: Attackers use 15-year-old tactics to target security flaws
Attackers are quick to exploit new opportunities for attack. The reporting of the Log4J bug in December 2021, for example, is believed to have led to a 150% increase in exploit activity the following year. However, an analysis of Barracuda’s threat detection...
Cybersecurity Threat Advisory: New custom malware discovered
Researchers have uncovered a year-long, highly targeted cyber-attack utilizing custom malware called RDStealer. The bespoke malware campaign against an East Asian IT company has been active for more than a year with the intent to compromise credentials and exfiltrating data....
Cybersecurity Threat Advisory: Critical vulnerabilities with ASUS routers
ASUS recently released critical security updates for several vulnerabilities across multiple router models. Two out of the nine vulnerabilities are categorized as Critical, including an out-of-bounds write vulnerability and a memory corruption flaw. Barracuda SOC recommends applying the latest security...
Bend, don’t break: How attackers and defenders learn from each other
For more than 30 years, cyber attackers and security teams have battled it out across the digital landscape, one side looking for gaps and flaws to target, the other side fixing and protecting them. The pace of the conflict is...
MSPs and the next wave of cybersecurity AI solutions
While cybersecurity researchers tend to revel in discovering vulnerabilities, many of the ones that do get disclosed require cybercriminals to have extensive expertise to exploit. Most cybercriminals today remain focused on launching attacks that use tried and true techniques and...
An expert’s view for MSPs to stay ahead of the cybersecurity talent shortage
While AI has been dominating the headlines in cyber circles throughout 2023, another less glamorous topic is just as acute: the cybersecurity talent shortage. We’ve covered this topic in the past, but the challenge continues. In the 2022 Cybersecurity Workforce...