Category: Security
Cybersecurity Threat Advisory: Critical XXE Vulnerability Discovered in ConnectWise Automate
Threat Update This month, it was discovered that ConnectWise Automate versions 2021.6.131 and prior are vulnerable to exploits that allow threat actors to remotely execute code and access confidential data by performing XML external entity (XXE) injection attacks. The severity...
Ask an MSP Expert: Why should we replace our VPN with ZTNA?
Q: With the sudden mass shift to remote working in response to the pandemic, my MSP business set up VPN configurations for each of our clients to meet their connectivity needs. What advantages does ZTNA offer that make it worth...
Tech Time Warp: The Pikachu virus is not your friend
It sounds so innocent: An email appears in your inbox, subject line “Pikachu Pokemon.” The message speaks of friendship and invites you to visit Pikachu on his website. And the attachment (warning bells going off yet?) features an animation of...
Organizations need MSPs to become cloud security heroes
When not done right, cloud security can become a bit of a mess. Misconfigurations of cloud services are more widespread than ever at a time when cybercriminals have tools that enable them to discover vulnerabilities in a matter of minutes....
Cybersecurity Threat Advisory: Botnets Version Hunting Perimeter Devices
Threat Update Threat actors have been seen in the wild scanning for perimeter devices which are running vulnerable firmware and have not been updated to allow for vulnerabilities to be patched. Perimeter devices (such as firewalls, intrusion detection/prevention systems, and...
Summer break for schools means homework for MSPs
Campuses are quiet, school buses gather dust in maintenance garages, and students visit swimming holes and flip burgers. But while teachers and students can soak in the solace of summer vacation, hackers are not taking a break. School networks are...
Cybersecurity Threat Advisory: ThroughTek P2P Supply Chain Vulnerability
Threat Update ThroughTek, a massive original equipment manufacturer (OEM) supplier, has been made aware of a software vulnerability involving the IP cameras with P2P connections. The vulnerability could potentially allow unauthorized access to sensitive information via camera audio/video feeds. SKOUT...
New eBook: Conversational email security for MSPs
Email security is essential for all businesses and a very lucrative managed security service for MSPs. With the many solutions in the market, it can be overwhelming for MSPs to choose the right solution to use for their customers, especially...
Tech Time Warp: Stuxnet takes malware to the next level
Today’s action movies and thrillers routinely feature some hacker-type who—armed with a laptop in a chunky military-grade case—can infiltrate the most impenetrable of digital fortresses in a few furious keystrokes. But in the real-life case of Stuxnet, first detected in...
Cybersecurity Threat Advisory: Malware Targeting Kubernetes Clusters and Windows Containers
Threat Update A new malware first discovered in March dubbed ‘Siloscape’ is actively targeting Kubernetes clusters via Windows containers. This malware has the potential to compromise an entire Kubernetes cluster. SKOUT recommends ensuring all clusters are updated with the latest...
