Category: Security
Why MSPs choose Barracuda XDR
As cyberthreats continue to get more invasive and damaging, managed service providers (MSPs) and their clients are searching for better ways to protect and defend against them. One of the most effective and popular solutions in the market today is...
Tech Time Warp: The cybersecurity industry begins with RSA patent
October 1 kicks off Cybersecurity Awareness Month, now in its 18th year. A joint initiative of the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), the awareness month seeks to educate individuals and organizations about...
Cybersecurity Threat Advisory: Threat Actors Targeting VoIP Providers with DDoS Attacks
Threat Update In recent weeks, threat actors have been targeting voice over Internet Protocol (VoIP) providers with distributed denial of service (DDoS) attacks that have impacted the mission-critical communications, including 911 services, of numerous organizations. Bandwidth.com has become the latest...
IT spending outlook for 2022 looks better than 2021
The outlook for IT spending for cloud and managed services for 2022 looks promising, assuming organizations can acquire the hardware needed to drive application deployments. A Spiceworks Ziff Davis (SWZD) survey of more than 1000 IT buyers in North America...
Cybersecurity chain of command crucial to deterring a breach
Who’s on first? What’s on second? I don’t know who’s on third? That’s an old comedic bit from the classic comedy duo Abbott and Costello. Anyone under age 50 probably isn’t familiar with them. But if you are, that classic...
Cybersecurity Threat Advisory: Microsoft Azure OMIGOD Vulnerability
Threat Update Microsoft’s September 2021 Patch Tuesday addressed four major vulnerabilities that impact users of Microsoft’s Azure platform. They are tracked as CVE-2021-38647 and CVE-2021-38648. They are referred to as OMIGOD, referencing “Open Management Infrastructure,” the agent which makes Azure...
Cybersecurity Threat Advisory: BulletProofLink Phishing-as-a-Service (PhaaS) Campaign
Threat Update Microsoft recently released the results and analysis from its deep dive into BulletProofLink, a large-scale phishing-as-a-service (PHaaS) operation that follows a software-as-a-service (SaaS) business model. This model allows threat actors to purchase phishing kits and email templates in...
Cybersecurity Threat Advisory: AWS Workspaces Remote Code Execution
Threat Update Rhino Security Labs has discovered a vulnerability in the AWS WorkSpaces desktop client, tracked as CVE-2021-38112, which allows commands to be executed if a victim opens a malicious WorkSpaces URI from their browser. Since the report’s release, Amazon...
Cybersecurity Threat Advisory: Office 365 Zero-Day Attacks
Microsoft has released a mitigation for a vulnerability which exists on Windows 10 and can be exploited to launch zero-day attacks against Office 365 and Office 2019. Identified as CVE-2021-40444, this vulnerability could allow attackers to execute arbitrary code on...
Tech Time Warp: Swen worm poses as security patch
The hits for network admins kept coming in late summer/early fall 2003. Just weeks after the Blaster-Welchia-SoBig.F triple punch, the Swen worm wriggled its way onto at least 1.5 million computers. Like so many other pieces of malware, Swen exploited...
