Results for: ransomware
Cybersecurity Threat Advisory: ConnectWise critical security release
A critical vulnerability was discovered within the ConnectWise Recover and R1Soft Server Backup Manager. The vulnerability is described by ConnectWise as “improper neutralization of special elements in output used by a downstream component”. Successful exploitation of the vulnerability would allow...
New report validates need for a centralized approach to education cybersecurity
The U.S. Government Accountability Office (U.S. GAO) has released a report showing that schools remain vulnerable to cyberattacks. “Kindergarten through grade 12 (K-12) schools have reported significant educational impact due to cybersecurity incidents, such as ransomware attacks. Cyberattacks can also...
Defending government and education organizations against cyberthreats
Every organization and individual is a potential target for cyberattacks, but the SLED (state, local, and education) market faces heightened risk. State and local government agencies and educational institutions are high-profile targets with tons of sensitive data and typically very...
Cybersecurity Threat Advisory: Fortinet vulnerability CVE-2022-40684
Fortinet has identified a critical vulnerability tracked as CVE-2022-40684. Upon a successful exploitation, a threat actor can remotely log into devices with FortiGate firewalls or FortiProxy web proxies using an authentication bypass on the administrative interface. Barracuda MSP recommends customers...
Ride-sharing app Uber hacked via social engineering scheme
Last month, the popular ride-sharing app Uber announced a cybersecurity incident that affected a variety of company accounts. The breach reportedly originated within Uber’s internal Slack communication channel after a hacker tricked an employee into sharing their login credentials. Those...
Cybersecurity Threat Advisory: Zoho ManageEngine RCE bug
A critical Zoho ManageEngine Remote Code Execution (RCE) flaw is being actively exploited according to The US Cybersecurity and Infrastructure Security Agency (CISA). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Password Manager Pro, PAM360 and...
Cybersecurity Threat Advisory: Sophos Firewall critical vulnerability
Sophos has identified a remote code execution vulnerability tracked as CVE-2022-3236. This vulnerability affects the User Portal and Webadmin components of Sophos Firewalls. Upon a successful exploitation, a threat actor can gain root privileges and deploy a ransomware attack. Barracuda...
Cybersecurity summits and tools to improve training
Anytime an MSP can expose its engineers and technicians to free training and education, it’s an opportunity that shouldn’t be passed up. One such opportunity is the upcoming “5th Annual Cybersecurity Summit” hosted by CISA and Morehouse College in Atlanta....
Expanded XDR capabilities strengthen Barracuda’s security offering
The rise in cyberattacks such as ransomware, spear phishing, and the overall intensified cyberthreat landscape, continues to raise concern for businesses across the globe. With these evolving concerns and threats in mind, Barracuda has announced new enhancements to the Barracuda...
Identity theft and identity fraud: What they are and how to fight back
The United States Department of Justice (DOJ) does not spell out any distinction between identity theft and identity fraud, saying only that they: “…are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person’s...
