Category: Security
Cybersecurity Threat Advisory: GitHub supply chain attack
Malicious actors have launched a software supply chain attack targeting developers on the GitHub platform. Barracuda MSP recommends taking proactive measures detailed in this Cybersecurity Threat Advisory to mitigate the risk. What is the threat? A variety of techniques were...
CISA and NSA weigh in on best cybersecurity practices for MSPs
The Cybersecurity and Infrastructure Security Agency (CISA), along with the National Security Agency (NSA), have defined a set of best cloud security practices that specifically call for managed services providers (MSPs) to provide more visibility into their IT operations. The...
Cybersecurity Threat Advisory: New vulnerability in Apple M-chip
A new security exploit, GoFetch, was found in Apple’s M-chip architecture. It takes advantage of data memory-dependent prefetchers (DMPs) and could use the device as a new attack vector. Continue reading this Cybersecurity Threat Advisory to learn how you can...
Cybersecurity Threat Advisory: StrelaStealer malware targets organizations
A new email threat, StrelaStealer malware, is targeting Europe and United States organizations. It spreads through phishing emails with attachments that execute its dynamic-link library (DLL) payload designed to steal email login data. This Cybersecurity Threat Advisory reviews the threat...
An in-depth look at the role of AI in today’s email threats
IT business growth expert Richard Tubb and Senior Director of Product Marketing Nishant Taneja dive into the ever-evolving email threats in the age of AI during a recent webinar. They shared how AI has transformed phishing attacks as well as...
Tip Tuesday: Educating customers on the importance of backup for World Backup Day
World Backup Day, recognized on March 31 every year, serves as a reminder for managed service providers (MSPs) to reprioritize their client’s data security. As the threat landscape continues to evolve and cyber attacks grow increasingly sophisticated, a robust and...
Cybersecurity Threat Advisory: Fortinet FortiClientEMS critical vulnerability
Fortinet has released security updates for an unauthorized code execution vulnerability impacting their FortiClientEMS (Endpoint Management Server) product. The vulnerability, CVE-2023-48788, is related to a flaw that allows unauthenticated malicious actors to execute code or commands onto the server via...
The value of contextual data in cybersecurity
Contextual data has been a term circling the cybersecurity space for a while now. What exactly is contextual data, and how can managed service providers (MSPs) leverage it to make robust protection programs for clients? Contextualized data in cybersecurity refers...
Cybersecurity Threat Advisory: Critical Fortinet vulnerability
A critical vulnerability is affecting many Fortinet devices. Approximately 150,000 Fortinet OS and FortiProxy Secure Web Gateway systems are believed to be exposed to this flaw. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate the potential...
Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability
A critical vulnerability (CVE-2024-1403) affecting Progress Software OpenEdge Authentication Gateway and AdminServer impacts versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0. The vulnerability allows unauthorized access due to manipulation of username and password combinations during the authentication process. Review...