Category: Security
Improper disposal of connected devices creates cybersecurity threat
Most companies are constantly refreshing their computers as technologies change, needs evolve, and security upgrades occur. As a result, there could be a cybersecurity threat collecting dust in a closet, or perhaps on its way to a dumpster. Furthermore, with...
Cybersecurity Threat Advisory: Ransomware Targets Unpatched, End-of-Life SonicWall Firmware
Threat Update A ransomware campaign using stolen credentials is actively targeting networking device maker SonicWall’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. The exploitation targets a known vulnerability...
Cybersecurity Threat Advisory: Patch for FortiManager and FortiAnalyzer Vulnerability
Threat Update A patch has been released by Fortinet for their FortiManager & FortiAnalyzer platforms. This critical patch resolves a Use After Free vulnerability (CWE-416) that allowed attackers to execute code as administrators on the targeted device. SKOUT recommends that...
IoT is exposing networks to cybersecurity vulnerabilities
Businesses that have been fortifying their computers against ransomware and other threats could be overlooking additional vulnerabilities within their ecosystem. While the office computers may be as secure as Fort Knox, IoT devices such as the copier, scanner, digital signage,...
Cybersecurity Threat Advisory: Windows Print Spooler Elevation of Privilege Vulnerability
Threat Update Last week, SKOUT released a security advisory regarding the “PrintNightmare” Zero-Day vulnerability exploited via the Windows Print Spooler service. This past weekend, on July 16th, Microsoft identified another vulnerability within the Print Spooler service that allows for local...
Podcast: Colonial Pipeline hack and the Executive Order, Episode 7
In the previous episode of the SmarterMSP Podcast, Jason Howells of Barracuda MSP summarized the insights from Global MSP Day, which took place in May 2021. Jason detailed many interesting trends within the “Evolving Landscape of the MSP Business Report...
Cybersecurity Threat Advisory: SolarWinds Serv-U Zero-day Exploit
Threat Update SolarWinds, an IT management and remote monitoring software developer that fell victim to the Sunburst supply chain attack, has been exploited again. However, the Serv-U zero day exploit is limited to targeted customer impact according to Microsoft. A...
Tech Time Warp: Sneaky SirCam worm slithers through inboxes
When it comes to use of social engineering in malware, the SirCam worm must be among the most insidious. The worm propagated itself in the usual way via email attachment. But SirCam didn’t carry a new email attachment—the typical “invoice”...
SMBs most vulnerable to ransomware right now
For much of ransomware’s evolution, many small and medium-sized businesses (SMBs) have failed to embrace the idea that they are ransomware targets. After all, why target an SMB when Fortune 500 companies have the much deeper pockets? Seemingly, a hacker...
Prepare for the next cyberattack with a cybersecurity checklist
From the supply-chain attack at the beginning of the year, to the ransomware attack that took down a major pipeline in the United States, cyberattacks have been doing significant damage in recent times. Now, the latest supply-chain attack that some...