Category: Security

Improper disposal of connected devices creates cybersecurity threat

Improper disposal of connected devices creates cybersecurity threat

Most companies are constantly refreshing their computers as technologies change, needs evolve, and security upgrades occur. As a result, there could be a cybersecurity threat collecting dust in a closet, or perhaps on its way to a dumpster. Furthermore, with...

/ July 28, 2021 / 1 Comment
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Ransomware Targets Unpatched, End-of-Life SonicWall Firmware

Cybersecurity Threat Advisory: Ransomware Targets Unpatched, End-of-Life SonicWall Firmware

Threat Update A ransomware campaign using stolen credentials is actively targeting networking device maker SonicWall’s Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware. The exploitation targets a known vulnerability...

/ July 27, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Patch for FortiManager and FortiAnalyzer Vulnerability

Cybersecurity Threat Advisory: Patch for FortiManager and FortiAnalyzer Vulnerability

Threat Update A patch has been released by Fortinet for their FortiManager & FortiAnalyzer platforms. This critical patch resolves a Use After Free vulnerability (CWE-416) that allowed attackers to execute code as administrators on the targeted device. SKOUT recommends that...

/ July 21, 2021
IoT is exposing networks to cybersecurity vulnerabilities

IoT is exposing networks to cybersecurity vulnerabilities

Businesses that have been fortifying their computers against ransomware and other threats could be overlooking additional vulnerabilities within their ecosystem. While the office computers may be as secure as Fort Knox, IoT devices such as the copier, scanner, digital signage,...

/ July 21, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Windows Print Spooler Elevation of Privilege Vulnerability

Cybersecurity Threat Advisory: Windows Print Spooler Elevation of Privilege Vulnerability

Threat Update Last week, SKOUT released a security advisory regarding the “PrintNightmare” Zero-Day vulnerability exploited via the Windows Print Spooler service. This past weekend, on July 16th, Microsoft identified another vulnerability within the Print Spooler service that allows for local...

/ July 19, 2021
Podcast: Colonial Pipeline hack and the Executive Order, Episode 7

Podcast: Colonial Pipeline hack and the Executive Order, Episode 7

In the previous episode of the SmarterMSP Podcast, Jason Howells of Barracuda MSP summarized the insights from Global MSP Day, which took place in May 2021. Jason detailed many interesting trends within the “Evolving Landscape of the MSP Business Report...

/ July 19, 2021
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SolarWinds Serv-U Zero-day Exploit

Cybersecurity Threat Advisory: SolarWinds Serv-U Zero-day Exploit

Threat Update SolarWinds, an IT management and remote monitoring software developer that fell victim to the Sunburst supply chain attack, has been exploited again. However, the Serv-U zero day exploit is limited to targeted customer impact according to Microsoft. A...

/ July 16, 2021
Tech Time Warp: Sneaky SirCam worm slithers through inboxes

Tech Time Warp: Sneaky SirCam worm slithers through inboxes

When it comes to use of social engineering in malware, the SirCam worm must be among the most insidious. The worm propagated itself in the usual way via email attachment. But SirCam didn’t carry a new email attachment—the typical “invoice”...

/ July 16, 2021
SMBs most vulnerable to ransomware right now

SMBs most vulnerable to ransomware right now

For much of ransomware’s evolution, many small and medium-sized businesses (SMBs) have failed to embrace the idea that they are ransomware targets. After all, why target an SMB when Fortune 500 companies have the much deeper pockets? Seemingly, a hacker...

/ July 15, 2021 / 2 Comments
Prepare for the next cyberattack with a cybersecurity checklist

Prepare for the next cyberattack with a cybersecurity checklist

From the supply-chain attack at the beginning of the year, to the ransomware attack that took down a major pipeline in the United States, cyberattacks have been doing significant damage in recent times. Now, the latest supply-chain attack that some...

/ July 14, 2021