Category: Security
Tech Time Warp: Columbia researchers find IoT vulnerability
The headlines were inflammatory in every sense of the word: In November 2011, two Columbia University researchers recognized a security vulnerability in HP printers and set one ablaze. Professors Salvatore Stolfo and Ang Cui realized that every time an HP...
Cities have a massive need for cybersecurity
Cities are increasingly making headlines for being crippled by ransomware and other attacks. Such vulnerability isn’t surprising, since municipalities have a growing number of attack vectors and a pool of taxpayer or insurance money that hackers find too tempting to resist....
Cybersecurity Threat Advisory: McAfee Antivirus and Symantec Endpoint LPE Flaw
Advisory Overview Recently, both McAfee and Symantec anti-malware tools were discovered to have vulnerabilities that allowed a threat actor to overcome the protection systems that these tools typically provide. While the attack requires the threat actor to have Administrative privileges...
Cybersecurity Threat Advisory: Zombieload targeting 8th and 9th Generation Intel CPU’s
Advisory Overview As with several other exploits targeted at how Intel processors handle digital operations, “Zombieload” is an exploit used by threat actors to compromise information being processed by an Intel CPU. Some vulnerabilities allow a threat actor to steal...
Growing confidence and emerging gaps in cloud security
For modern organizations, digital transformation is increasingly the only game in town. CIOs are turning to multiple cloud providers in droves for new app-based models, driving enhanced business agility to meet ever-changing market demands. Yet security remains a constant challenge....
Cybersecurity defense: Racquetball, rest, and service
I frequently talk to MSP owners or their technicians and often find them harried and stretched for time. While those descriptors could apply to scores of professions, the stakes of feeling frazzled are high for MSPs. The world of cybersecurity...
Cybersecurity Threat Advisory: PHP Vulnerability Affects PHP-FPM
Advisory Overview NGINX is a highly popular website platform which utilizes many different plug-ins and add-ons to enhance its native functionality. NGINX websites which use PHP-FPM (a set of software technologies that work to improve website performance and page loading)...
Another ‘-ish’ MSPs need to watch
When it comes to MSPs, there is one set of letters that causes indigestion: ‘-ishing.’ Phishing is the biggest headache, of course. Successful phishing expeditions have led to many network breaches in businesses large and small. Recently on Smarter MSP,...
Partner Spotlight: How one MSP solved their email problems
In 2010, Tom Burtzlaff founded CMIT of Columbia. Over the years, Burtzlaff and his team built up the business to more than 50 managed services clients with a 97 percent customer retention rate. Earlier this year, the company was sold...
Cybersecurity Threat Advisory: Exploit Found in Google Chrome
Advisory Overview Google Chrome is an extremely popular Internet Browser produced and distributed by Google for free. Within the last week, two vulnerabilities have been found in the browser that can allow an attacker to execute scripts and other actions...