Category: Security
Cybersecurity Threat Advisory: Continued Log4j Scanning Activity
Threat Update In recent weeks, Microsoft has observed continued attempts by nation-state adversaries and commodity attackers to exploit security vulnerabilities uncovered in the Log4j open-source logging framework. Barracuda MSP’s Security Operation Center (SOC) is also observing scanning activity and exploit...
2022 Cybersecurity Outlook, Part 2: Talent Gap, Ransomware, Healthcare
This week, Smarter MSP continues our discussion with Dr. Nur Zincir-Heywood, a cybersecurity specialist and computer science faculty at Dalhousie University in Halifax, Nova Scotia. Key discussion points include specific cybersecurity challenges Canadian businesses need to be paying attention to...
Getting smart about IT asset disposal and security
The COVID-19 pandemic has revealed a lot about the current state of corporate IT. One of those lessons was that many employees required new endpoint hardware. This was especially true in cases where older computers were no longer operational or...
Cybersecurity Threat Advisory: Microsoft Patch Tuesday, December 2021
Threat Update Microsoft’s Patch Tuesday release for December 2021 comes with a Windows update that will apply patches for 67 different vulnerabilities. This update includes fixes for 7 critical vulnerabilities, and included fixes that prevented Denial of Service, Remote Code...
2022 Cybersecurity Outlook: Stealth breaches, remote work, and human error
As 2021 comes to a close, Smarter MSP is talking with some of the best and brightest cybersecurity minds to take stock of the past year and get a sense of what to expect in terms of a cybersecurity outlook...
Cybersecurity Threat Advisory: Second Log4j vulnerability patch released
As we know, a significant Log4j Remote Code Execution (RCE) vulnerability has had a patch released and tracked as CVE-2021-44228. However, the patch was not entirely effective at mitigating the risk due to CVE-2021-45046, the lack of completion in some...
Barracuda Networks and Apache Log4j vulnerability
The Log4j vulnerability has recently made headlines around the world. Concerns around this vulnerability center on the fact that an attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message...
Tech Time Warp: Linux.Darlloz attacks the Internet of Things
What’s on your holiday shopping list this year? Fitness trackers? Smart home hubs? Maybe even a smart coffee mug? No matter how enchanting or convenient a smart device might seem, it never pays to be uninformed about the security risk...
Cybersecurity Threat Advisory: Surge in Attacks Against WordPress Sites
Threat Update WordFence, a WordPress security platform, stated that they have blocked 13.7 million attacks against WordPress sites in the span of 36 hours. The number of attacks reflects a dramatic increase in activity from threat actors, originating from 16,000...
Cybersecurity Threat Advisory: Critical Java Zero-Day Vulnerability
A critical remote code vulnerability has emerged in Log4j, a Java Logging package that is used in a number of software products and platforms from organizations like Apache, Apple, Twitter, Tesla and Steam. This vulnerability impacts almost every Java application...
