Category: Security
The past is peril for businesses using legacy equipment
When it comes to technology, IT organizations are focused on the newest, fastest, and safest. But, for the rest of us, it is often a different story. According to a recent eFax study, there are 43 million fax machines still...
Let’s play acronym salad: Why MFA and SSO should be in your WFH BYOO offering
Previously, I wrote a piece on the role that bring your own office (BYOO) plays as the ‘new normal’ post-COVID environment of decentralised working becomes more widespread. BYOO and working from home (WFH) means that an organisation has far less...
Cybersecurity Threat Advisory: Vulnerability in Spring Cloud Can Trigger Attacks
Threat Update A newly discovered critical vulnerability in Spring Cloud function (tracked as CVE-2022-22963), a Spring module used for streamlining data processing. This vulnerability can allow an unauthenticated remote attacker to send a specially crafted HTTP header to Spring Cloud...
Cybersecurity Threat Advisory: Spring Framework Zero-Day Vulnerability Can Cause RCE Attacks
Threat Update Security professionals have identified a new zero-day vulnerability in the Spring Framework, an application development framework for Java. This vulnerability (tracked as CVE-2022-22965) can allow attackers to execute unauthenticated remote code. Spring has released Spring Framework versions 5.3.18...
Cybersecurity Threat Advisory: SonicWall Releases Hotfix for RCE/DoS Vulnerability
Threat Update SonicWall has released a hotfix for a critical RCE / DoS vulnerability that affects a subset of their firewall devices. This vulnerability (tracked as CVE-2022-22274) in Sonic OS allows an unauthenticated remote attacker to perform denial of service...
Cybersecurity Threat Advisory: Threat Actors Could Target Sophos Firewall
Threat Update Sophos has disclosed a critical-level authentication bypass vulnerability (CVE-2022-1040) that impacts Sophos Firewall v18.5 and below. If this vulnerability is exploited, an attacker could get unfettered access to the firewall and execute remote code at will. Barracuda MSP’s...
Lost and hopefully not found (by a hacker)
The combination of people gradually returning to offices and corporate campuses and the proliferation of BYOD (bring your own device) during the pandemic is not only causing headaches for CISOs and MSPs, but it’s also resulting in cybersecurity problems. “We...
Tip Tuesday: 5 MSP marketing tips for World Backup Day
Most MSPs have run into customers or prospects that refuse to add a backup solution or upgrade from their current one to another that better meets their needs. They believe that their current set-up is satisfactory because the decision makers...
Preparing for a state-sponsored attack
As the conflict in Ukraine drags on, some experts fear that the chance of cybersecurity-related incidents will only increase in the USA. Managed Service Providers (MSPs) are well-positioned as the guardians at the gate for many companies and should play...
The important role MSPs play in keeping the data center safe
Data is currency to hackers. “For a hacker, there’s no difference between a stack of $50 bills and a bunch of unguarded PHI (personal health information) or credit card numbers,” says Phil Jefferson, an independent cybersecurity consultant in Fort Worth,...
