Category: Security

Cybersecurity Threat Advisory: Critical RCE vulnerability
A critical pre-authentication remote code execution (RCE) vulnerability, CVE-2024-21591, has been patched in Juniper Networks’ Junos OS on SRX firewalls and EX switches. Exploitable via an out-of-bounds write, the flaw poses risks of denial-of-service (DoS), RCE attacks, or unauthorized root...

Cybersecurity Threat Advisory: Ivanti zero-day vulnerabilities
Two vulnerabilities have been identified in Ivanti Connect Secure and Ivanti Policy Secure Gateways, CVE-2023-46805 and CVE-2024-21887 respectively, which when exploited together allow for unauthenticated remote code execution. These CVEs affect all supported versions of the products. Continue reading this...

Enhancing email security: Navigating new Google and Yahoo DMARC changes
In the evolving landscape of email security, major players like Google and Yahoo are implementing new DMARC (domain-based message authentication, reporting, and conformance) requirements set to roll out in early 2024. These changes present a unique opportunity to proactively safeguard K-12...

MSP Insights: What to expect in 2024
It’s no secret that the fortunes of managed service providers (MSPs) are closely tied to the overall state of the economy, but with an uneven economic outlook for 2024, forecasting the year is more challenging than usual. While uncertainty remains,...

Cybersecurity Threat Advisory: High-severity WebRTC vulnerability
A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive...

2024 forecasted cybersecurity trends
The new year always brings a panoply of possibilities and promises. No one knows the future, so it becomes a blank canvas upon which we can all project our aspirations and whims. However, the future can also be full of...

Cybersecurity Threat Advisory: Apache Struts2 RCE vulnerability
A new vulnerability known as CVE-2023-50164 is being used by attackers to exploit the file upload functionality in Apache Struts2, an open-source framework for developing Java web applications. Barracuda MSP advises users to review this Cybersecurity Threat Advisory and upgrade...

The cloud migration opportunity still exists for MSPs
A survey of 510 senior executives from Global 2000 organizations suggests that cloud migration initiatives have stalled at the intermediate stages of the project due to concerns around cost, lock-in, meeting budgets, and timeline constraints. Conducted by HFS Research on...