Results for: ransomware
Expert reflections: Top cybersecurity trends of 2025
As 2025 comes to a close, cybersecurity professionals are taking stock of a year shaped by both familiar threats and rising perils. So, what truly surprised security leaders this year—and what can we learn from it? To find out, I...
Cybersecurity Threat Advisory: MongoDB RCE vulnerability
MongoDB has disclosed a high‑severity vulnerability, tracked as CVE‑2025‑14847, that could allow unauthenticated remote code execution (RCE). The flaw stems from the Zlib compression handler and can be exploited with low complexity, posing a serious risk to data confidentiality and...
Q&A: How MSPs can strengthen municipal cyber defenses
Cities and municipalities continue to be under siege from hackers. In the past three months alone, several cities have been targeted by cybercriminals (and these are just the publicly reported cases): Michigan City, Indiana; Yellowknife, Canada; Sugar Land, Texas; McKinney,...
Cybersecurity Threat Advisory: Android framework exploits
Google released the December 2025 Android Security Update to address 107 vulnerabilities across the Android OS and vendor components. The most critical aspect of this release is the remediation of two high-severity vulnerabilities. Review this Cybersecurity Threat Advisory to limit...
Municipal cyber risk unveiled: How MSPs can stand guard
My hometown of Middletown, Ohio recently made local news after hackers disrupted the city’s water billing system and other services. The episode raised a timely question: how are cities becoming prime targets, and what can managed service providers (MSPs) and...
Five trends MSPs can be thankful for in 2025
While Thanksgiving has been a national holiday in the U.S. since 1863, the notion of setting aside a day to give thanks reaches as far back as 1623. Fast forward to 2025, and the tech landscape looks very different, but...
Cybersecurity Threat Advisory: 7-Zip symbolic link vulnerability
Attackers are actively exploiting a high-severity 7-Zip vulnerability, CVE-2025-11001. Attackers use malicious archives to abuse symbolic links, forcing writes outside the intended extraction directory and enabling remote code execution (RCE) when users interact. Review this Cybersecurity Threat Advisory for remediation...
Staying cyber safe while hackers chase holiday cheer
The holidays are almost upon us. That means pass the stuffing, brine the turkey, wrap the presents, and hang the stockings with care. It also means hackers are hiding in the holly, waiting for a moment of distraction from all...
Cybersecurity Threat Advisory: Critical Windows Kernel zero-day vulnerability
CVE-2025-62215 is a Windows Kernel flaw that lets attackers escalate to SYSTEM privileges, persist, access data, and move laterally. Attackers are actively exploiting this zero-day in the wild. Review this Cybersecurity Threat Advisory for best practices and recommendations to mitigate...
Cybersecurity Threat Advisory: Critical WatchGuard Fireware vulnerability
CISA has added CVE-2025-9242 to its Known Exploited Vulnerabilities (KEV) catalog following confirmed exploitation in the wild. This critical flaw allows unauthenticated remote code execution (RCE) via malformed IKEv2 VPN packets in WatchGuard Fireware. Continue reading this Cybersecurity Threat Advisory...
