Category: Security
Cybersecurity Threat Advisory: Cisco patches high-severity bug
Cisco has released security updates for a vulnerability affecting its Secure Client software. Successful exploitation could allow threat actors to steal a targeted user’s token and establish a virtual private network (VPN) session. The vulnerability tracked as CVE-2024-20337 has a...
Cybersecurity Threat Advisory: TeamCity’s server vulnerabilities
This Cybersecurity Threat Advisory highlights JetBrains’ TeamCity vulnerabilities found in the CI/CD Server. One vulnerability allows unauthenticated access to an instance while the other allows for unauthenticated information disclosure and modification. What is the threat? A critical-severity authentication bypass vulnerability...
Cybersecurity Threat Advisory: Critical vulnerabilities in VMware
VMware has released updates addressing four security flaws in ESXi, Workstation, and Fusion. Two out of the four flaws, CVE-2024-22252 and CVE-2024-22253, were identified as critical with CVSS scores of 9.3 for Workstation/Fusion and 8.4 for ESXi. This Cybersecurity Threat...
Threat Spotlight: Web apps under active threat from 10-year-old Shellshock bugs and miners
The Shellshock bugs — there are six related CVE designations — have the highest severity rating of 10. They exist in the Unix Bash shell, which is the default command-line interface on all Linux, Unix, and Mac-based operating systems. If...
The role of MSPs in food supply chain cybersecurity
Food and cybersecurity seem like very different topics. When we think of our favorite potato chips or steaks to sizzle on the grill, ransomware isn’t the first thing that comes to mind. However, the food supply chain is under increasing...
A SOC’s view on 2024 cybersecurity trends
In the world of cybersecurity, threats are constantly evolving. Therefore, by throwing a spotlight on 2024 cyber trends, while considering what occurred in 2023, we can adapt our defenses and anticipate new emerging threats. Artificial intelligence (AI) will play a...
Cybersecurity Threat Advisory: ConnectWise critical vulnerabilities
This blog has been updated with the latest information on how Barracuda XDR has implemented detection mechanisms to help mitigate the two ConnectWise vulnerabilities. Two critical vulnerabilities have been discovered with ConnectWise ScreenConnect’s on-premises instances. These vulnerabilities could result in...
Five ways cybercriminals use AI to wreak havoc
It seems that each time there is a new technology advancement, criminals quickly cut to the front of the line when it comes to dreaming up new applications. That is the case with generative artificial intelligence (AI), which has been...
Quantum hasn’t taken a quantum leap – yet
While artificial intelligence (AI) has been sucking all the oxygen out of the room when it comes to IT discussion and hype, another change is on the horizon. It may be just as consequential, and managed service providers (MSPs) would...
Peak performance: SASE ski adventures in Tirol, Austria
The heartbeat gets faster. One quick decision influences the next move. Thinking rapidly … you feel cold, but you may also be sweating. Actually, you can’t differentiate. This is what it may feel like when you are an IT Admin,...
