Tag: CISA

Train employees
How MSPs can help clients build a human firewall

How MSPs can help clients build a human firewall

As cybercriminals step up their attacks, aided by AI and other technologies, it’s critical for managed service providers (MSPs) and their clients to reinforce cybersecurity awareness efforts among their employees to create a human firewall. According to the World Economic...

/ June 19, 2024
Should America’s cyber defense agency’s priorities also be yours?

Should America’s cyber defense agency’s priorities also be yours?

In February, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced its 2024 priorities for the Joint Cyber Defense Collaborative (JCDC). This group, composed of government and industry entities, was formed in 2021 and is tasked with gathering, analyzing, and sharing actionable...

/ June 11, 2024
CISA
Staying cyber safe with CISA this summer

Staying cyber safe with CISA this summer

As sure as fireflies and fireworks mean summer, so do Cybersecurity and Infrastructure Security Agency (CISA) warnings and alerts. With parents shuttling kids to day camps, pool parties, and Disney World, summer is a prime time for cybercriminals to make...

/ June 10, 2024 / 5 Comments
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Oracle WebLogic Server vulnerability

Cybersecurity Threat Advisory: Oracle WebLogic Server vulnerability

There has been active exploitation of a critical operating system (OS) command injection vulnerability, known as CVE-2017-3506, found in the Oracle WebLogic Server. The impact can be severe, ranging from financial loss to reputational damage. Review this Cybersecurity Threat Advisory...

/ June 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical GitLab bug

Cybersecurity Threat Advisory: Critical GitLab bug

A critical vulnerability in GitLab, labelled CVE-2023-7028, is under active attack by threat actors to achieve account takeover, as reported by the Cybersecurity and Infrastructure Security Agency (CISA). Barracuda MSP recommends GitLab users review this Cybersecurity Threat Advisory now to...

/ May 10, 2024
CISA vulnerability warning program
New CISA vulnerability warning pilot program is a success

New CISA vulnerability warning pilot program is a success

The Cybersecurity and Infrastructure Security Agency (CISA) recently announced its vulnerability warning program has issued over 2,000 alerts since its inception. The agency’s director, Jen Easterly, delivered remarks recently at the Institute for Security and Technology, sharing that these alerts...

/ April 30, 2024
Analyzing the latest Ivanti-linked CISA breach

Analyzing the latest Ivanti-linked CISA breach

Another day passes, another cyberattack strikes. This time, a recent incident impacted a major U.S. government entity known as the Cybersecurity and Infrastructure Security Agency (CISA). Back in February, CISA officials discovered that two of its internal computer systems were compromised by...

/ April 16, 2024
Top cybersecurity misconfigurations MSPs should address

Top cybersecurity misconfigurations MSPs should address

As we embrace spring, the fall seems to be nothing but a memory. While 2024 holds new trends, threats, and opportunities for MSPs, there are still a few things to keep in mind from 2023. In October of last year,...

/ April 9, 2024
CISA and NSA weigh in on best cybersecurity practices for MSPs

CISA and NSA weigh in on best cybersecurity practices for MSPs

The Cybersecurity and Infrastructure Security Agency (CISA), along with the National Security Agency (NSA), have defined a set of best cloud security practices that specifically call for managed services providers (MSPs) to provide more visibility into their IT operations. The...

/ March 27, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Ivanti alerts of new high-severity flaws

Cybersecurity Threat Advisory: Ivanti alerts of new high-severity flaws

During Ivanti’s announcement of their fixes for the recent critical zero-day vulnerabilities, the software vendor alerts of two new high-severity flaws in its Connect Secure and Policy Secure products. One of which is said to be under targeted exploitation in...

/ February 1, 2024