Category: Security
Cybersecurity Threat Advisory: Zero-click flaw in Synology NAS devices
Synology, network-attached storage (NAS) maker, addressed critical security vulnerability, CVE-2024-10443, which impacts their DiskStation and BeePhotos applications. This is an unauthenticated vulnerability that can allow attackers to obtain root-level code execution on Synology NAS devices. Review the details in this...
Cybersecurity Threat Advisory: Vulnerabilities found in Microsoft Azure AI
Significant vulnerabilities in Microsoft’s Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security...
Beyond phishing: How cybercriminals target SMBs vs. enterprises
Security-focused managed service providers (MSPs) know that small to midsize businesses (SMBs) often take a more cavalier approach to cybersecurity than larger organizations. They often believe that because they are small and less well-known, they’re less likely to draw the...
Beyond patches and firewalls: Advanced strategies for cyberthreat defense
Threat mitigation is to managed service providers (MSPs) what preventative medicine is to doctors. In other words, threat mitigation is the first line – and often least expensive – defense against cybercriminals. Of course, some of the basic steps include...
Cybersecurity Threat Advisory: New Microsoft Windows vulnerabilities
Two new Microsoft vulnerabilities, CVE-2024-21302 and CVE-2024-38202, are impacting Windows systems. Read this Cybersecurity Threat Advisory to learn more about how these vulnerabilities can be leveraged to exploit Microsoft Windows and how to protect your systems. What is the threat?...
Cybercriminals impersonate OpenAI in large-scale phishing attack
Since the launch of ChatGPT, OpenAI has sparked significant interest among both businesses and cybercriminals. While companies are increasingly concerned about whether their existing cybersecurity measures can adequately defend against threats curated with generative AI tools, attackers are finding new...
How MSPs can improve threat detection and response with XDR
According to a Barracuda report, 62 percent of IT professionals surveyed believe cyberattacks are becoming more sophisticated and complex. This concern is mainly because traditional security measures often fail to address multifaceted threats in today’s rapidly evolving cybersecurity landscape. Furthermore,...
Cybersecurity Threat Advisory: SonicWall VPN vulnerability
Fog and Akira ransomware operators are exploiting a critical SonicWall SSL VPN vulnerability, CVE-2024-40766, to breach corporate networks. Continue reading this Cybersecurity Threat Advisory to learn the tactics these groups are using and how you can reduce the risk of...
Unpacking the 5G IoT MSP opportunity
Internet of Things (IoT) security has been a hot topic among cybersecurity professionals for some time now. However, cybersecurity is a moving target. Once someone figures out and secures a vulnerability, cybercriminals quickly move on or change their approach. One...
Cybersecurity Threat Advisory: VMware critical vulnerability
VMware has recently released software updates to address a security flaw believed to have already been patched in vCenter Server. The vulnerability, known as CVE-2024-38812 with a CVSS score of 9.8, is a heap-overflow vulnerability. Continue reading this Cybersecurity Threat...
