Category: Security
Cybersecurity Threat Advisory: Critical Zero-Day in WordPress Fancy Product Designer Plugin
Threat Update On May 31, 2021, a critical file upload vulnerability in Fancy Product Designer—a WordPress plugin installed on over 17,000 websites—was discovered to be under active exploitation by threat actors. Technical Detail & Additional Information WHAT IS THE THREAT?...
Ask an MSP Expert: Bridging the BYOD security gap
Q: BYOD has become a requirement for many of my customers. With the growth of cyberattacks, we need to implement an official BYOD policy that is flexible yet protects our customers. We are finding this to be a hard balance...
Cybersecurity Threat Advisory: VMWare vCenter Critical RCE Vulnerability
Threat Update VMware is a virtualization and cloud computing vendor which is used worldwide by many different companies. Recently, VMware announced that they were informed of two vulnerabilities which affect certain versions of its vCenter service. Successful exploitation of these...
Cybersecurity Threat Advisory: Increase in Activity from Sophisticated Threat Actors
Threat Update A large increase of activity has been seen from malicious threat actors. Many different vectors have been combined to facilitate targeted and widespread attacks. Considering the technical difficulty of these methods, these attackers are highly sophisticated, and organizations...
Cybersecurity Threat Advisory: Malicious Call Centers Spreading BazarLoader Malware
Threat Update Security researchers have released their latest findings on BazarLoader, malware that provides backdoor access to an infected Windows host. Threat actors will use this malware to infect and infiltrate a victim’s system, send follow-up malware and exploit other...
Cybersecurity Threat Advisory: DarkSide Ransomware Group Strikes Again
Threat Update The ransomware group responsible for the Colonial Pipeline attack has struck again – this time affecting European subsidiaries of Toshiba. Some of Toshiba’s networks were shut down in response, demonstrating how effective ransomware is becoming as a method...
Tech Time Warp: Looking back at the evolution of ransomware
The havoc wreaked by the recent Colonial Pipeline ransomware attack—which caused a gas shortage in the southeastern United States and cost the company a reported $850,000 to resolve—highlights the immense risk ransomware poses to companies and national security.
Colonial Pipeline hack highlights vulnerabilities
We’ve been warning about the dangers of ransomware for years now on Smarter MSP, and this past week the threat hit home for millions of Americans in the form of fuel shortages and higher prices at the gas pump. While...
How will the new Executive Order implementing ZTNA impact MSPs
Following the Colonial Pipeline attack, one of the most impactful ransomware attacks to-date, the United States government issued an Executive Order which detailed a course of actions aiming to improve the government’s cybersecurity standards, specifically with zero-trust (ZTNA) security. The...
Cybersecurity Threat Advisory: Microsoft Patch Tuesday, May 2021
Threat Update Microsoft’s Patch Tuesday release for May 2021 comes with a Windows update that will remediate a multitude of vulnerabilities. The update will patch 55 vulnerabilities, one of which is critical, 50 important, and one moderate. It also includes...
