Category: Security
Tip Tuesday: Spot the phish this Cybersecurity Awareness Month
October is Cybersecurity Awareness Month, making it an ideal time for managed service providers (MSPs) to educate their clients about phishing threats. Most people log into various online accounts daily, never considering that cybercriminals may try to trick them into...
Cybersecurity roadmap: How MSPs can guide customers through the risk landscape
As cyber threats evolve and proliferate business systems, managed security providers (MSPs) are vital in helping businesses counter attacks by adopting a comprehensive strategy for risk mitigation. This includes preparation, response, and recovery, while also understanding the organization’s cybersecurity risk...
Cybersecurity Threat Advisory: ‘Salt Typhoon’ causing damage in North America
Salt Typhoon, a highly sophisticated Chinese hacking group, has breached significant sectors in North America and Southeast Asia. Continue reading this Cybersecurity Threat Advisory to learn more about this notorious group and how to prevent your organization to become the...
Cybersecurity Threat Advisory: New critical vulnerability in Palo Alto Expedition
A vulnerability identified as CVE-2024-5910, has been disclosed by Palo Alto. With a CVSS score of 9.3, this vulnerability can lead to authentication bypass, enabling attackers to manipulate network configurations and launch further attacks. Read this Cybersecurity Threat Advisory for...
Cybersecurity Threat Advisory: Critical Fortinet RCE vulnerability exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a remote code execution (RCE) vulnerability being actively exploited in Fortinet products. If you are using Fortinet, please read this Cybersecurity Threat Advisory to learn how to...
Expert advice to proactively mitigate insider threats for MSPs
Managed services providers (MSPs) must constantly defend their clients from hackers, cybercriminals, malware, and state-sponsored cyber warfare. However, sometimes the threat is much closer to home – perhaps right in the office. Welcome to the era of insider threats, an...
Cybersecurity Threat Advisory: New critical GitLab SAML vulnerability
A new critical GitLab vulnerability within RUBY-SAML and OmniAuth-SAML libraries to bypass SAML authentication was disclosed. If you are using GitLab, read this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat? This vulnerability allows...
Cybersecurity Threat Advisory: Apache Avro SDK vulnerability
A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. A successful exploitation allows an attacker to execute arbitrary code on vulnerable instances....
Take action! 30 Essential tips to boost your cybersecurity
October, declared as Cybersecurity Awareness Month, is the perfect time to revisit and reinforce your cybersecurity strategies, ensuring both you and your customers stay safe from the latest digital threats. Since 2004, the National Cybersecurity Division of the Department of...
Cybersecurity Threat Advisory: Exploited cryptojacking campaign impacting Docker
A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk...
