Category: Security
Cybersecurity Threat Advisory: HelloKitty group targets Apache
This Cybersecurity Threat Advisory discusses a new critical security flaw that was discovered in the Apache ActiveMQ open-source message broker service. This security flaw can potentially result in remote code execution, which is currently being exploited by the HelloKitty ransomware...
5 best practices for MSP email security
Email remains the primary entry point for most cyberattacks, whether phishing, ransomware, social engineering scams, or business email compromise (BEC). According to data from Barracuda, 75 percent of organizations were the victim of a successful email attack in 2022, and...
Cybersecurity Threat Advisory: Atlassian confluence vulnerability
This Cybersecurity Threat Advisory highlights a new security flaw that has recently been discovered in Atlassian’s Confluence Data Center and Server, which could result in significant data loss if exploited. Tracked as CVE-2023-22518, this vulnerability is rated 9.1 out of...
Cybersecurity Threat Advisory: VMware critical code vulnerability
VMware has published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates by VMware. The vulnerability shared in this Cybersecurity Threat Advisory has received a critical severity rating by VMware. It...
How MSPs should navigate the rise of cryptomining
Bitcoin value has been steadily climbing over the last year. Between March 2022 and November 2022, Bitcoin prices crashed from over $47,000 to around $16,000, however rising investor confidence has pushed Bitcoin back up over the $35,000 mark in October...
MSSPs should uplevel cybersecurity conversations to board-level
A survey of 654 board of directors conducted by PwC finds well over a third (38 percent) of respondents have consulted third-party experts to increase efforts in becoming more aware of cybersecurity threats. In addition, nearly three-quarters (64 percent) have...
Cybersecurity Threat Advisory: F5 BIG-IP RCE vulnerability
This Cybersecurity Threat Advisory involves a critical vulnerability discovered in F5 BIG-IP products, identified as CVE-2023-46747. The vulnerability allows unauthenticated remote code execution and poses significant security risks. With a CVSS score of 9.8, immediate attention is required to mitigate...
Cybersecurity Awareness Month: Tips to follow year-round
While Cybersecurity Awareness Month serves as a reminder for everyone to follow cybersecurity best practices, strong awareness should continue year-round. This month, the Cybersecurity and Infrastructure Security Alliance released their “Secure Our World” awareness campaign that aims to broadly promote cybersecurity...
New FAR-reaching rules for MSPs
Managed service providers (MSPs) must navigate a complex patchwork of international, national, and local cybersecurity laws and regulations, and soon, there will be even more rules to follow. On October 3, 2023, the Federal Acquisition Regulation (FAR) Council released two...
Cybersecurity Threat Advisory: Increased cyberattacks unveiled
This Cybersecurity Threat Advisory looks at a threat actor who is targeting various private sector entities in Israel. Read the recommendations below to implement a layered security approach to protect against these cyberattacks. What is the threat? Microsoft has unveiled...
