Category: Security
Cybersecurity Threat Advisory: Ransomware attacks on ESXi systems
New ransomware attacks were discovered targeting ESXi systems that use stealthy SSH tunnels to direct traffic to command-and-control (C2) infrastructure, enabling attackers to remain undetected. Continue reading this Cybersecurity Threat Advisory to discover the key steps to safeguard your environment....
Cybersecurity Threat Advisory: Apple iOS zero-day vulnerability
Apple has released critical security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2025-24085. Continue reading this Cybersecurity Threat Advisory in full to learn what devices are affected and how you can mitigate your risk regarding this vulnerability....
Q&A: New Barracuda Email Protection advancements
We’re thrilled to announce exciting new advancements to Barracuda Email Protection. These updates — including flexible deployment options, enhanced security capabilities, and more — make it easier than ever for organizations of all sizes and IT environments to defend against increasingly...
Cybersecurity Threat Advisory: Fortinet authentication vulnerability
A critical Fortinet authentication bypass vulnerability, CVE-2024-55591, is actively exploited in the wild. This vulnerability impacts FortiOS and FortiProxy, with a CVSS score of 9.6. Continue reading this Cybersecurity Threat Advisory to learn the necessary steps to protect your environment....
Cybersecurity Threat Advisory: Critical vulnerabilities in VPNs and routers
Critical vulnerabilities have been discovered in multiple tunneling protocols, potentially exposing approximately 4.2 million hosts. These include a wide range of devices such as Virtual Private Networks (VPNs), Internet Service Provider (ISP) home routers, core internet routers, mobile network gateways,...
Cybersecurity Threat Advisory: SonicWall SMA1000 vulnerability
A pre-authentication deserialization vulnerability has been discovered in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) and is already being used in zero-day attacks. Review the details within this Cybersecurity Threat Advisory to protect your organization. What...
Threat Spotlight: Tycoon 2FA phishing kit updated to evade inspection
This Threat Spotlight sheds light on the Tycoon multi-factor authentication phishing kit and the tactics it uses to evade protection solutions. Phishing-as-a-Service (PhaaS) provides attackers with advanced toolsets and templates that enable them to quickly deploy phishing campaigns. The rapid...
Unlocking a new opportunity: Selling cybersecurity to schools for MSPs
Managed service providers (MSPs) often overlook schools and other educational institutions, even though they present an excellent opportunity for new business. That is, if one is ready to handle some of their inherent challenges. According to various market research reports,...
The SOC case files: XDR’s automation offers rapid cloud protection
This edition of the SOC case files showcases how Barracuda Managed XDR detects an impossible travel, indicating a user login credentials were compromised. Incident summary An employee at a telecommunications company connected as usual to their cloud account. They then...
Cybersecurity Threat Advisory: Vulnerability in Ivanti secure access solutions
A critical security flaw in Ivanti, CVE-2025-0283, is affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways. This stack-based buffer overflow vulnerability allows a locally authenticated attacker to escalate their privileges. Continue reading this Cybersecurity Threat Advisory to mitigate your...
