Results for: ransomware
Cybersecurity Threat Advisory: Veeam Backup security flaws
There were recently six vulnerabilities discovered in Veeam Backup and Replication. One of them is an unauthenticated remote code execution (RCE), while the other five include authenticated RCE, arbitrary file deletion, low-privileged multi-factor authentication (MFA) setting modification and MFA bypass,...
Summer Roundup: Cyber risks for MSPs to monitor
As summer begins its swan song and thoughts begin to turn toward autumn, the Cybersecurity and Infrastructure Security Agency (CISA) has a fresh batch of advisories. Released in August, these advisories highlight the various cyber risks lurking out there, many...
Tech Time Warp: Back to school and back to hacks
Now that we are past Labor Day, school is back in session across the United States—which means summer vacation is over for cybercriminals, too. Let’s dive into this week’s edition of Tech Time Warp. The education sector is increasingly a...
Data migration expertise: A must-have for MSPs
Managed service providers (MSPs) that have data migration expertise are finding their services are in more demand than ever. A survey of 300 application and software development, IT, and security leaders conducted on behalf of Onymos, found that more than...
Cybersecurity Threat Advisory: Exploited Jenkins vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability found in Jenkins, identified as CVE-2024-23897 with a CVSS score of 9.8, to its Known Exploited Vulnerabilities (KEV) catalogue. This vulnerability is a path traversal flaw within the...
Cybersecurity Threat Advisory: EDRKillShifter, a growing threat
A cybercrime group associated with the RansomHub ransomware has been observed using a newly developed tool named “EDRKillShifter” to disable endpoint detection and response (EDR) software on compromised systems. This tool is the latest in a growing list of EDR-killing...
Cybersecurity Threat Advisory: Another zero-click Windows TCP/IP vulnerability
Another critical zero-click Windows vulnerability, identified as CVE-2024-38063, has been discovered in the Windows TCP/IP stack, affecting all systems with IPv6 enabled. Review this Cybersecurity Threat Advisory now to mitigate potential exploitation and protect your systems. What is the threat?...
Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook
A critical zero-click remote code execution (RCE) vulnerability, identified as CVE-2024-30103, was recently discovered in Microsoft Outlook. This flaw allows malicious actors to execute arbitrary code on a victim’s system simply by opening a specially crafted email. Review the details...
Understanding email threats: The foundation of email security
In today’s digital landscape, email remains a fundamental communication tool for businesses. However, its ubiquity makes it a prime target for cyber threats. Understanding these threats is the first step in fortifying your email security. In this blog post, we’ll...
Cybersecurity Threat Advisory: Veeam Backup vulnerability exploit
The Veeam Backup & Replication vulnerability, CVE-2023-27532, which was patched in March 2023 is still being exploited. Attackers have managed to exploit unpatched systems to launch ransomware attacks since April 2024. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in...
