Category: Security
Managed data infrastructure services gaining momentum
Data creation and storage are growing exponentially, and more organizations are turning to managed service providers (MSPs) to handle the infrastructure needed to process it. A survey of nearly 200 IT leaders conducted by DataStrike, a provider of managed IT...
The SOC case files: XDR neutralizes threat targeting MSP
This edition of the SOC case files showcases how an incident was detected, contained, and mitigated in about a minute. The SOC is part of Barracuda Managed XDR, an extended visibility, detection, and response (XDR) service. It provides customers with...
Experts look back at 2024’s cybersecurity news
The year 2024 was full of cybersecurity news. It was a year of data breaches, ransomware, the rise of quantum computing, and much more. The only constant was change. As ransomware continued to wreak havoc, according to Security Intelligence, ransomware...
Cybersecurity Threat Advisory: Three critical Sophos firewall vulnerabilities
Sophos has disclosed three critical vulnerabilities in its firewall product that could allow remote unauthenticated attackers to perform structured query language (SQL) injection, execute arbitrary code, and gain privileged secure shell (SSH) access to affected devices. Review the details of...
Cybersecurity Threat Advisory: Adobe ColdFusion vulnerability
A vulnerability within Adobe ColdFusion could result in arbitrary system file reads and writes. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat? The vulnerability, tracked as CVE-2024-20767, was found within the...
Cybersecurity Threat Advisory: Critical Windows kernel vulnerability
A pointer dereference weakness was discovered within the Microsoft Kernel Streaming Service that would allow an attacker to escalate their privileges to SYSTEM without any user interaction being required. Review the details in this Cybersecurity Threat Advisory to learn how...
Cybersecurity Threat Advisory: New social engineering campaign
An active social engineering campaigns uses Microsoft Teams and AnyDesk to deploy DarkGate malware. Attackers are impersonating trusted contacts during Teams calls to deceive victims into installing remote access tools, facilitating unauthorized system access, and deploying the malware. Review the...
Cybersecurity Threat Advisory: Microsoft MFA AuthQuake flaw
A new critical security flaw in Microsoft’s multi-factor authentication (MFA) system has been discovered. It enables attackers to easily bypass the protection and gain unauthorized access to user accounts. Review this Cybersecurity Threat Advisory to learn how to mitigate your...
Cybersecurity Threat Advisory: CoinLurker malware exploit
Threat actors have begun using bogus software updates to deliver a new stealer malware known as “CoinLurker.” This malware uses cutting-edge obfuscation and anti-analysis techniques, making them frighteningly effective for threat actors. Continue reading this Cybersecurity Threat Advisory to learn...
Survey suggests opportunities for managed network services
A global survey of over 500 professionals in the areas of networking, operations, cloud, and architecture finds nearly two-thirds (65 percent) relies on third parties to deliver managed network services. A full 84 percent regularly learn about network issues from...
