Results for: ransomware
Cybersecurity Threat Advisory: Kemp LoadMaster and VMware vCenter vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added critical vulnerabilities in Progress Kemp LoadMaster (CVE-2024-1212) and VMware vCenter Server (CVE-2024-38812, CVE-2024-38813) to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities allow attackers to execute arbitrary commands, gain remote...
Cybersecurity Threat Advisory: New malware loader – BabbleLoader
BabbleLoader is a newly identified malware loader designed for delivering information-stealing payloads such as WhiteSnake and Meduza. It demonstrates sophisticated evasion techniques that challenge both traditional antivirus solutions and modern AI-driven detection systems. Read this Cybersecurity Threat Advisory to learn...
Cybersecurity Threat Advisory: New critical Citrix vulnerabilities
New critical vulnerabilities in Citrix Virtual Apps and Desktops, tracked as CVE-2024-8068 and CVE-2024-8069, as well as new flaws involving MSMQ (Microsoft Message Queuing) misconfiguration, were discovered. These vulnerabilities enable attackers to achieve unauthenticated remote code execution (RCE) on vulnerable...
Partner Spotlight: Redesigning the security mix to address evolving needs
M.IT Connect, a long-time managed service provider (MSP) from Hallstadt, Germany, was faced with challenges managing their previous firewall solution. Not only was it difficult to manage, but it lacked the scalability required to meet clients’ evolving needs. As their...
Ask an MSP Expert: How can pentesting add value to an MSP security service offering?
In today’s cybersecurity landscape, many MSPs are looking to add penetration testing (pentesting) to their service offering. Pentesting is a simulated cyberattack on a system, network, or application to find vulnerabilities before real hackers can exploit them. It helps organizations...
Cybersecurity Threat Advisory: Zero-click flaw in Synology NAS devices
Synology, network-attached storage (NAS) maker, addressed critical security vulnerability, CVE-2024-10443, which impacts their DiskStation and BeePhotos applications. This is an unauthenticated vulnerability that can allow attackers to obtain root-level code execution on Synology NAS devices. Review the details in this...
Beyond phishing: How cybercriminals target SMBs vs. enterprises
Security-focused managed service providers (MSPs) know that small to midsize businesses (SMBs) often take a more cavalier approach to cybersecurity than larger organizations. They often believe that because they are small and less well-known, they’re less likely to draw the...
Beyond patches and firewalls: Advanced strategies for cyberthreat defense
Threat mitigation is to managed service providers (MSPs) what preventative medicine is to doctors. In other words, threat mitigation is the first line – and often least expensive – defense against cybercriminals. Of course, some of the basic steps include...
Cybercriminals impersonate OpenAI in large-scale phishing attack
Since the launch of ChatGPT, OpenAI has sparked significant interest among both businesses and cybercriminals. While companies are increasingly concerned about whether their existing cybersecurity measures can adequately defend against threats curated with generative AI tools, attackers are finding new...
How MSPs can improve threat detection and response with XDR
According to a Barracuda report, 62 percent of IT professionals surveyed believe cyberattacks are becoming more sophisticated and complex. This concern is mainly because traditional security measures often fail to address multifaceted threats in today’s rapidly evolving cybersecurity landscape. Furthermore,...
