Tag: CISA
Global Cyber Threats: December 2025 roundup
As we close out the year, it’s a good time to step back and assess the vulnerabilities being flagged by national cybersecurity agencies around the world. I routinely monitor updates from the Canadian Centre for Cyber Security and Australia’s—both among...
Cybersecurity Threat Advisory: Oracle Identity Manager vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog. Read this Cybersecurity Threat Advisory to learn about the current risk and apply relevant patches now. What...
Cybersecurity Threat Advisory: Critical vulnerability in Motex Lanscope
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-61932, a critical vulnerability in Motex Lanscope Endpoint Manager, to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. The flaw, rated CVSS 9.8, allows unauthenticated remote...
AI, identity, and action: What MSPs must prioritize this Cybersecurity Awareness Month
This October marks the 22nd annual Cybersecurity Awareness Month, a campaign co-led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance. This year’s theme, “Building a Cyber Strong America,” coincides with the sponsoring agency – CISA...
Government shut-down heightens cybersecurity risks
As the U.S. government enters its first full week with operations ground to a halt, experts fear that there will be cybersecurity ramifications. The numbers paint a grim picture: According to Department of Homeland Security planning documents, approximately 65 percent...
Tech Time Warp: Two decades of Cybersecurity Awareness Month—but there’s still work to do
If you’re reading this blog, you probably observe cybersecurity awareness year-round, not just during the annual observance of Cybersecurity Awareness Month each October. But, as a managed service provider (MSP), you also likely appreciate any opportunity to draw attention to...
Late-summer CISA alert roundup
At least once or twice a year I like to sift through the Cybersecurity and Infrastructure Security Agency (CISA) alerts and share some of the latest with SmarterMSP.com. The end of summer is one of the best times to do...
CISA alerts: Why they belong on every MSP’s watchlist
Last week, we looked at how cybercriminals ramp up their activity during the summer months. As pool parties and vacation plans start, so do escalating cybersecurity alerts from both CISA and the Canadian Centre for Cyber Security. With organizations running...
Cybersecurity Threat Advisory: Active exploitation of ASA vulnerability
Cisco has confirmed that a decade-old cross-site scripting (XSS) vulnerability in its Adaptive Security Appliance (ASA) software is actively being exploited in the wild. Review this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat?...
Cybersecurity Threat Advisory: Kemp LoadMaster and VMware vCenter vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added critical vulnerabilities in Progress Kemp LoadMaster (CVE-2024-1212) and VMware vCenter Server (CVE-2024-38812, CVE-2024-38813) to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities allow attackers to execute arbitrary commands, gain remote...
