Results for: ransomware
Cybersecurity Threat Advisory: New VMware patches available
This week, VMware released three security patches for a critical authorization bypass vulnerability in the Workspace ONE Assist solution. The vulnerability could potentially allow remote attackers to bypass authentication and elevate their privileges within the system. The vulnerabilities are tracked as...
6 Cybersecurity conversation starters
For MSPs and VARs trying to expand the reach of their services with existing clients, initiating a cybersecurity conversation around the need for solutions and services can be challenging. This is often because clients believe that their cybersecurity needs are...
Cybersecurity Threat Advisory: ConnectWise critical security release
A critical vulnerability was discovered within the ConnectWise Recover and R1Soft Server Backup Manager. The vulnerability is described by ConnectWise as “improper neutralization of special elements in output used by a downstream component”. Successful exploitation of the vulnerability would allow...
New report validates need for a centralized approach to education cybersecurity
The U.S. Government Accountability Office (U.S. GAO) has released a report showing that schools remain vulnerable to cyberattacks. “Kindergarten through grade 12 (K-12) schools have reported significant educational impact due to cybersecurity incidents, such as ransomware attacks. Cyberattacks can also...
Defending government and education organizations against cyberthreats
Every organization and individual is a potential target for cyberattacks, but the SLED (state, local, and education) market faces heightened risk. State and local government agencies and educational institutions are high-profile targets with tons of sensitive data and typically very...
Cybersecurity Threat Advisory: Fortinet vulnerability CVE-2022-40684
Fortinet has identified a critical vulnerability tracked as CVE-2022-40684. Upon a successful exploitation, a threat actor can remotely log into devices with FortiGate firewalls or FortiProxy web proxies using an authentication bypass on the administrative interface. Barracuda MSP recommends customers...
Ride-sharing app Uber hacked via social engineering scheme
Last month, the popular ride-sharing app Uber announced a cybersecurity incident that affected a variety of company accounts. The breach reportedly originated within Uber’s internal Slack communication channel after a hacker tricked an employee into sharing their login credentials. Those...
Cybersecurity Threat Advisory: Zoho ManageEngine RCE bug
A critical Zoho ManageEngine Remote Code Execution (RCE) flaw is being actively exploited according to The US Cybersecurity and Infrastructure Security Agency (CISA). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Password Manager Pro, PAM360 and...
Cybersecurity Threat Advisory: Sophos Firewall critical vulnerability
Sophos has identified a remote code execution vulnerability tracked as CVE-2022-3236. This vulnerability affects the User Portal and Webadmin components of Sophos Firewalls. Upon a successful exploitation, a threat actor can gain root privileges and deploy a ransomware attack. Barracuda...
Cybersecurity summits and tools to improve training
Anytime an MSP can expose its engineers and technicians to free training and education, it’s an opportunity that shouldn’t be passed up. One such opportunity is the upcoming “5th Annual Cybersecurity Summit” hosted by CISA and Morehouse College in Atlanta....
