Category: Security
Cybersecurity Threat Advisory: Microsoft Outlook elevation of privilege vulnerability
Last week, Microsoft Threat Intelligence discovered a critical elevation of privilege (EoP) vulnerability in Microsoft Outlook that allows for New Technology LAN Manager (NTLM) credentials to be stolen. Threat actors can potentially authenticate, escalate privileges, and gain access to the...
Navigating the National Cybersecurity Strategy for MSPs
Changes to cybersecurity policy and strategy at the Federal Government level means MSPs will have to navigate an increasingly complex regulatory environment in the years ahead. “That is not surprising as it often takes a little while for the law...
Threat Spotlight: 3 novel phishing tactics
As cybercriminals work to make phishing attacks more effective, they are continually introducing new techniques and tactics to try to trick victims, bypass security, and avoid detection.
Cybersecurity Threat Advisory: New phishing campaigns
Cybercriminals have started new phishing campaigns that targets organizations and individuals who were members of affected banks. Fraudulent messages are being sent in an attempt to trick victims into revealing personal/account information such as social security numbers, passwords, and account...
Cybersecurity Threat Advisory: New Fortinet vulnerability
Fortinet has released information concerning a FortiOS & FortiProxy Heap Buffer administrative interface vulnerability with a CVSS score of 9.3. The vulnerability allows an unauthenticated attacker to execute commands on the device and/or perform a denial-of-service (DoS) attack on the...
The geographical IT salary is narrowing
One of the benefits of being a managed service provider (MSP) in a smaller market is that IT professional salaries, mainly due to the lower cost of living, tend to be lower than in places such as New York or...
Why updating cybersecurity awareness training is vital
Cybersecurity awareness training is the most potent weapon MSPs can use to defend against breaches and cybercriminals. However, it is essential to remember that the training is not a one-and-done proposition, it needs to be updated continuously, and the trainers need...
Barracuda featured on CRN’s 2023 Security 100 List
We’re excited to share that today announced that CRN®, a brand of The Channel Company, has named Barracuda to its annual Security 100 list for the seventh year in a row. Recognizing leading IT channel security leaders, the Security 100 list honorees bring...