Category: Security
Cybersecurity Threat Advisory: ATPs Exploiting FortiOS Vulnerabilities
Threat Update The FBI and CISA released a joint cybersecurity advisory documenting that a number of APTs have been seen in the wild scanning for three FortiOS vulnerabilities (CVE-2018-13379, CVE-2019-5591 and CVE-2020-12812). These vulnerabilities, if exploited, can allow unauthorized remote...
A conversation about ransomware in 2021
The year 2021 continues to see a surge in ransomware as the world’s cyber ecosystem begins to ease into a post-pandemic phase. The education and healthcare sectors remain particularly vulnerable to ransomware as hackers attempt to squeeze more out of...
Ask an MSP Expert: How can I meet evolving cloud security needs?
Q: Many of my SMB customers have adopted cloud solutions as a result of their shift to operating with a remote workforce. How can my MSP maintain strong cloud security while keeping pace with this shift? According to a recent...
Tomorrow’s cybersecurity at today’s colleges
University students in 2021 have a worldview of cybersecurity that has been shaped by the pandemic and forged by immersion in technology from cradle to college. Smarter MSP recently caught up with Bilal Shebaro, an associate professor in the Department of...
Cybersecurity Threat Advisory: Purple Fox Rootkit
Threat Update The Purple Fox rootkit has recently improved propagation capabilities which makes it easier to spread through a network. This could make it easier for threat actors to steal data from or potentially infect compromised machines with other types...
Cybersecurity Threat Advisory: MacOS Malware XcodeSpy
Threat Update A malicious version of the macOS development environment Xcode has been spotted in the wild. Dubbed “XcodeSpy,” its main function is to use a custom Run Script to connect to a C&C server when a compromised application is...
Tech Time Warp: Melissa virus opens eyes to risks of cybercrime
In 1999, the internet seemed like a more innocent place. Few of us were aware of the risks associated with logging on. But then the Melissa virus came along and opened our eyes. Reportedly named after a Florida stripper, the...
Shift to work from anywhere presents major MSP challenge
Most managed service providers (MSPs) today manage a large number of endpoints on behalf of a wide range of clients. So, it makes sense that many MSPs will have a keen interest in understanding how employees might be returning to...
Cybersecurity Threat Advisory: AWS S3 Bucket Exposure Causes Patient Data Breach
Threat Update Over 50,000 patient records at a Utah-based COVID-19 testing service were exposed due to a common AWS S3 cloud security misconfiguration. This mishap led to a severe breach of patient data confidentiality, giving malicious actors an opportunity to...
Weak human links and zero-day cyberattacks
We’ve been taking a close look at the post-pandemic environment that MSPs are finding themselves navigating in 2021. One of the questions for many is what happens if the new normal doesn’t resemble the old normal? What if corporate campuses...
