Category: Security
MSP Insights: What to expect in 2024
It’s no secret that the fortunes of managed service providers (MSPs) are closely tied to the overall state of the economy, but with an uneven economic outlook for 2024, forecasting the year is more challenging than usual. While uncertainty remains,...
Cybersecurity Threat Advisory: High-severity WebRTC vulnerability
A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive...
2024 forecasted cybersecurity trends
The new year always brings a panoply of possibilities and promises. No one knows the future, so it becomes a blank canvas upon which we can all project our aspirations and whims. However, the future can also be full of...
Cybersecurity Threat Advisory: Apache Struts2 RCE vulnerability
A new vulnerability known as CVE-2023-50164 is being used by attackers to exploit the file upload functionality in Apache Struts2, an open-source framework for developing Java web applications. Barracuda MSP advises users to review this Cybersecurity Threat Advisory and upgrade...
EDR vs. MDR vs. XDR: What’s best for your MSP practice?
Selecting a security platform that provides the right level of protection based on your customers’ needs and your IT team’s skillset is vital. A determined attacker can find a way in, whether it’s via stolen or brute-forced credentials, exploiting unpatched...
The cloud migration opportunity still exists for MSPs
A survey of 510 senior executives from Global 2000 organizations suggests that cloud migration initiatives have stalled at the intermediate stages of the project due to concerns around cost, lock-in, meeting budgets, and timeline constraints. Conducted by HFS Research on...
Email security and XDR are critical to strengthen your cyber defense
Email is an integral part of our daily communication. With countless emails being sent and received daily, it has become an essential fabric of the day-to-day business activities that most of us take for granted. The widespread use of email...
Cybersecurity Threat Advisory: Google OAuth MultiLogin exploit
In October of 2023, an exploit was revealed by the threat actor PRISMA. This exploit generated persistent Google cookies through token manipulation. Now, attackers are exploiting a Google OAuth endpoint known as “MultiLogin” to restore expired authentication cookies. This allows...
Beyond the horizon: Growth of cyberattacks in the 2010s
As part of our 5-part series on the evolution of cybersecurity, check out our fourth article below that covers IoT devices and vulnerabilities to Bitcoin-driven ransomware in the 2010s. During the 2000s, we saw the growing arms race between security...
Cybersecurity Threat Advisory: A look back at 2023
2023 was an eventful year for our Cybersecurity Threat Advisory series. We highlighted several vulnerabilities exploited in the wild, multiple ransomware groups striking against notable establishments (including targeting MSPs), and an increase in cyber hacktivism due to world events. Below...
