Category: Security

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Veeam Backup security flaws

Cybersecurity Threat Advisory: Veeam Backup security flaws

There were recently six vulnerabilities discovered in Veeam Backup and Replication. One of them is an unauthenticated remote code execution (RCE), while the other five include authenticated RCE, arbitrary file deletion, low-privileged multi-factor authentication (MFA) setting modification and MFA bypass,...

/ September 10, 2024
cyber risk
Summer Roundup: Cyber risks for MSPs to monitor

Summer Roundup: Cyber risks for MSPs to monitor

As summer begins its swan song and thoughts begin to turn toward autumn, the Cybersecurity and Infrastructure Security Agency (CISA) has a fresh batch of advisories. Released in August, these advisories highlight the various cyber risks lurking out there, many...

/ September 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cicada3301 ransomware variant

Cybersecurity Threat Advisory: Cicada3301 ransomware variant

A new ransomware variant has been found, known as Cicada3301. It exhibits similarities to the defunct BlackCat (ALPHV) operation, and it targets both Windows and Linux systems. Review the details in this Cybersecurity Threat Advisory to learn how this variant...

/ September 6, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Chrome zero-day vulnerability

Cybersecurity Threat Advisory: Chrome zero-day vulnerability

A critical zero-day vulnerability in Chrome has been identified, allowing unauthorized access and potential remote code execution on affected systems. Continue reading this Cybersecurity Threat Advisory for more information and to safeguard your systems now. What is the threat? The...

/ September 5, 2024
ITRC
Three new reports from ITRC: H1 breaches, 2023 trends, and a new toll scam

Three new reports from ITRC: H1 breaches, 2023 trends, and a new toll scam

As longtime readers of this space already know, I’m a big fan of the Identity Theft Resource Center (ITRC). Their regular breach reports provide lots of highly detailed statistics, their trend reporting is invaluable to help project the future of...

/ September 4, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware ESXi vulnerability exploited by BlackByte ransomware

Cybersecurity Threat Advisory: VMware ESXi vulnerability exploited by BlackByte ransomware

BlackByte ransomware group is actively exploiting CVE-2024-37085, a recently patched authentication bypass vulnerability in VMware ESXi hypervisors. The exploitation of this flaw has led to the deployment of ransomware across victim networks. BlackByte ransomware group has marked it as a...

/ September 3, 2024
cyber-physical attack
The cyber-physical attack threat is growing

The cyber-physical attack threat is growing

In most cases, a breach involves hackers stealing data they can then resell on the dark web. As a result, distributed denial-of-service (DDoS) attacks and other attacks used to steal data are part of a hacker’s repertoire that managed service...

/ August 29, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical SonicOS vulnerability

Cybersecurity Threat Advisory: Critical SonicOS vulnerability

A critical vulnerability has been identified in the SonicWall SonicOS management access. Continue reading this Cybersecurity Threat Advisory to learn about this vulnerability and recommendations to secure your environment. What is the threat? CVE-2024-40766, a critical vulnerability in the management...

/ August 27, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Your Oracle NetSuite data may be exposed

Cybersecurity Threat Advisory: Your Oracle NetSuite data may be exposed

Researchers discovered that externally-facing Oracle NetSuite e-commerce sites may expose sensitive customer information when configured inaccurately. Review the details in this Cybersecurity Threat Advisory to learn best practices to mitigate your business risk. What is the threat? It is found...

/ August 22, 2024
Neal Bradbury on driving innovation for the channel at Barracuda

Neal Bradbury on driving innovation for the channel at Barracuda

For our long-term subscribers and those who have been in the managed services industry for the past two decades, you may be familiar with Neal Bradbury, who co-founded Intronis, a managed service provider (MSP) focused data protection company.   Recently appointed...

/ August 22, 2024