Category: Security
Cybersecurity Threat Advisory: VMware privilege escalation vulnerabilities
VMware has released patches to address critical vulnerabilities impacting Cloud Foundation, vCenter Server, and vSphere ESXi, which could be exploited to achieve privilege escalation and remote code execution. The flaws, identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, have high CVSS scores....
Cybersecurity Threat Advisory: Critical ASUS vulnerability
ASUS released a product security advisory urging customers to update their firmware to address a critical authentication bypass vulnerability impacting multiple of its router models. Review this Cybersecurity Threat Advisory to learn which router models are impacted and how to...
Deepfake technology: Why it’s a risk to your business
Deepfake technology, sometimes colloquially named ‘deepfakes’, has been getting a lot of attention in the mainstream news media in recent years. But now, it’s no longer just a harmless entertainment medium, it poses a significant threat to your business if...
Blockchain: The cybersecurity tool MSPs should keep an eye on
With cyber threats coming from all directions, managed service providers (MSPs) need as many mitigation measures as possible. One often overlooked area is the emergence of blockchain technology as a cybersecurity tool. Several software solutions incorporate blockchain and have become...
How MSPs can help clients build a human firewall
As cybercriminals step up their attacks, aided by AI and other technologies, it’s critical for managed service providers (MSPs) and their clients to reinforce cybersecurity awareness efforts among their employees to create a human firewall. According to the World Economic...
Cybersecurity Threat Advisory: Atlassian Confluence RCE vulnerability
A new high-severity remote code execution (RCE) vulnerability known as CVE-2024-21683 has been discovered in Atlassian’s Confluence Data Center and Server. This vulnerability permits an attacker with an account on the service to gain server control. Review this Cybersecurity Threat...
New report: BEC accounts for 1 in 10 email attacks
Email-based social engineering threats are thriving as attackers continue to adapt and evolve their tactics to increase their chances of success. The latest analysis of email detection data by Barracuda researchers reveals that while the landscape remains dominated by mass phishing and general scamming attacks, there’s...
Cybersecurity Threat Advisory: New Microsoft Outlook client vulnerability
A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8. Review this Cybersecurity Threat Advisory to limit the impact this vulnerability may have on your organization. What is the threat? CVE-2024-30103 allows...
Cybersecurity Threat Advisory: Critical PHP vulnerability enables remote code execution
A vulnerability known as CVE-2024-4577 is exploiting Apache’s handling of Unicode to ASCII conversion when using Hypertext Preprocessor (PHP) Common Gateway Interface (CGI) mode. This enables the execution of malicious code within the PHP executable. This presents a significant risk...
Cybersecurity Threat Advisory: New typosquatting attack targeting Google users
Google users have been targeted with a typosquatted attack when searching Advanced IP Scanner. When searching for this free network scanner for Windows, users are served with an exploited version of Advanced IP Scanner that injects a CobaltStrike Beacon into...
