Category: Security
Accelerating cybersecurity Time to Resolution (TTR)
When it comes to cyberattacks and data breaches, time to respond (TTR) is a critical metric for managed service providers (MSPs), but one that can be challenging as the frequency and sophistication of threats continue to evolve. MSPs typically have...
Cybersecurity Threat Advisory: Critical GitLab SAML vulnerability
A vulnerability identified as CVE-2024-45409 has been found in GitLab’s Ruby-SAML library. This flaw stems from the improper validation of Security Assertion Markup Language (SAML) responses. Continue reading this Cybersecurity Threat Advisory to secure your environment. What is the threat?...
The benefits of Barracuda’s new scalable backup
Data is money, and data protection is a key piece of any business continuity plan or cybersecurity strategy. This is a concern for companies that need an increasing amount of storage and backup capacity but have no extra budget to...
Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities
SolarWinds has issued patches to address two vulnerabilities in its Access Rights Manager (ARM) software. Out of the two, one is a critical vulnerability that can lead to remote code execution (RCE). Review the details within this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Active exploitation of Ivanti CSA vulnerability
A new vulnerability known as CVE-2024-8190 is affecting Ivanti Cloud Services Appliance (CSA) and is being actively exploited. This OS command injection vulnerability allows a remote, authenticated attacker to execute arbitrary commands on the system. Review the details in this...
Content creation platforms leveraged for phishing attacks
Cybersecurity is an ever-evolving field, and as new solutions are introduced to better detect and defend against cyberthreats, attackers in turn need to adapt their tactics to try and evade those solutions. For example, Barracuda threat analysts have recently identified...
How CISOs can leverage generative AI to improve email, application security
In an era where digital threats evolve at an unprecedented pace, the integration of generative AI into cybersecurity operations has become essential. From content creation to behavior prediction and knowledge articulation, generative AI is reshaping the landscape of security practices, offering immense...
Cybersecurity Threat Advisory: Veeam Backup security flaws
There were recently six vulnerabilities discovered in Veeam Backup and Replication. One of them is an unauthenticated remote code execution (RCE), while the other five include authenticated RCE, arbitrary file deletion, low-privileged multi-factor authentication (MFA) setting modification and MFA bypass,...
Summer Roundup: Cyber risks for MSPs to monitor
As summer begins its swan song and thoughts begin to turn toward autumn, the Cybersecurity and Infrastructure Security Agency (CISA) has a fresh batch of advisories. Released in August, these advisories highlight the various cyber risks lurking out there, many...
Cybersecurity Threat Advisory: Cicada3301 ransomware variant
A new ransomware variant has been found, known as Cicada3301. It exhibits similarities to the defunct BlackCat (ALPHV) operation, and it targets both Windows and Linux systems. Review the details in this Cybersecurity Threat Advisory to learn how this variant...
