Category: Security
Cybersecurity Threat Advisory: Atlassian zero-day vulnerability patch
Atlassian has recently announced a patch for a new zero-day vulnerability which allows for privilege escalation on affected versions of Confluence Data Center and Confluence Server. This Cybersecurity Threat Advisory explains the exploitation of this vulnerability, which could allow attackers...
Cybersecurity Awareness Month to-do list
This month marks the 20th annual Cybersecurity Awareness Month, a collaboration between government and industry to highlight the importance of cybersecurity. The past two decades have brought about rapid change. “It’s hard to believe that Cybersecurity Awareness Month has been...
Cybersecurity Threat Advisory: Update on libwebp vulnerability by Google
Google has identified a critical security vulnerability within the libwebp image library, which plays a crucial role in rendering WebP format images. This vulnerability, known as CVE-2023–5129, has been assigned the highest severity rating of 10.0 on the CVSS rating...
Cybersecurity Threat Advisory: Microsoft Sharepoint Server exploit
A proof-of-concept exploit code has surfaced on GitHub for a crucial authentication bypass vulnerability in Microsoft SharePoint Server. The exploit allows attackers to escalate privileges in Microsoft SharePoint Servers. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in detail to...
Partner Spotlight: Eliminating security silos with Barracuda XDR
CMIT Solutions of Portland Central has served the Portland, Oregon community as the region’s premier managed IT services provider since 2018. Over the past five years, CEO and owner Ian Miller says he’s seen a dramatic shift in the cybersecurity...
The rising role of vCISO
Cybersecurity threats continue to rise, but the available IT talent pool is shrinking. In fact, studies show there is still a need for more than 3.4 million security professionals, which is an increase of more than 26 percent from 2021....
MSPs must place training bets carefully
There has always been a fine line between when an emerging IT platform creates enough demand for managed services and when it essentially becomes a commodity that most internal IT teams can manage on their own. Timing that transition is...
Cybersecurity Awareness Month 2023: Events, security tips, and more for MSPs
Since 2003, October has been declared National Cybersecurity Awareness Month (NCSAM) by the United States government, and each year, cybersecurity experts and communities across the world come together to share information about how to remain safe online. NCSAM itself is a collaborative...
Cybersecurity Threat Advisory: New Cisco vulnerabilities discovered
Cisco is warning of five new Catalyst SD-WAN Manager product vulnerabilities. The most critical vulnerability allows unauthorized remote access to the server. Multiple vulnerabilities were discovered in SD-WAN Manager that allows an attacker to access the compromised instance or cause...
Cybersecurity Threat Advisory: WS_FTP Server vulnerabilities uncovered
Multiple vulnerabilities have been found in all versions of WS_FTP Server. The critical and high vulnerabilities include a directory traversal flaw (CVE-2023-42657) with a CVSS score of 9.9, a high-severity reflected cross-site scripting (XSS) issue (CVE-2023-40045, CVSS 8.3), a SQL...
