Category: Security
Unpacking the 5G IoT MSP opportunity
Internet of Things (IoT) security has been a hot topic among cybersecurity professionals for some time now. However, cybersecurity is a moving target. Once someone figures out and secures a vulnerability, cybercriminals quickly move on or change their approach. One...
Cybersecurity Threat Advisory: VMware critical vulnerability
VMware has recently released software updates to address a security flaw believed to have already been patched in vCenter Server. The vulnerability, known as CVE-2024-38812 with a CVSS score of 9.8, is a heap-overflow vulnerability. Continue reading this Cybersecurity Threat...
Cybersecurity Threat Advisory: Critical security flaw in Styra’s OPA
A recent security vulnerability was found in Styra’s Open Policy Agent (OPA) that can lead to New Technology LAN Manager (NTLM) hashes exposure if exploited. Continue reading this Cybersecurity Threat Advisory to learn the implications of this flaw and the...
Cybersecurity Threat Advisory: FortiManager API vulnerability exploited
Fortinet has publicly disclosed a vulnerability in the FortiManager API. The vulnerability, tracked as CVE-2024-47575 and dubbed ‘FortiJump,’ has been exploited as a zero-day since at least June 2024. Organizations using vulnerable FortiManager versions should review this Cybersecurity Threat Advisory...
Tips to help your customers master the art of online safety
Strong cybersecurity awareness should be a priority every day, but October serves as a great reminder for all of us to stay vigilant. The Cybersecurity and Infrastructure Security Alliance (CISA) recommends the following simple yet powerful tips to boost online...
The future is now: AI-driven innovation in Barracuda XDR
The rapid proliferation of cyberthreats is forcing the cybersecurity industry to rethink defenses. Innovative, AI-powered security solutions are urgently needed to protect against evolving attacker tactics, techniques, and procedures (TTPs) and sophisticated and potentially business-crippling AI-enabled threats. Barracuda Managed XDR is...
Threat Spotlight: The evolving use of QR codes in phishing attacks
QR code phishing, also known as quishing, is a type of social engineering attack. Cybercriminals try to trick victims into using the camera on their mobile phone to scan a QR code that goes to a malicious website to steal sensitive...
Cybersecurity Awareness Month is an opportunity to recommit to training
The core of Cybersecurity Awareness Month is in its name: Awareness. Experts agree that user training is the most effective and cost-efficient way to raise awareness and deter cyberattacks. Key statistics from SANS Institute’s 2024 annual cybersecurity awareness report reinforce this...
Cybersecurity Threat Advisory: Windows Kernel vulnerability used in espionage campaign
Researchers have observed the well-known cyber espionage group OilRig exploiting a now-patched privilege escalation vulnerability (CVE-2024-30088) in the Windows Kernel to conduct espionage operations. Read this Cybersecurity Threat Advisory to learn more about the espionage campaign and how to avoid...
Cybersecurity Threat Advisory: Mozilla Firefox zero-day vulnerability
A Mozilla Firefox critical zero-day vulnerability, CVE-2024-9680, has emerged. This vulnerability allows an attacker to have unauthorized access and potential remote code execution on the affected OS. Continue reading this Cybersecurity Threat Advisory for recommendations to remediate this threat. What...
