Tag: CISA
Cybersecurity Threat Advisory: Critical GitLab bug
A critical vulnerability in GitLab, labelled CVE-2023-7028, is under active attack by threat actors to achieve account takeover, as reported by the Cybersecurity and Infrastructure Security Agency (CISA). Barracuda MSP recommends GitLab users review this Cybersecurity Threat Advisory now to...
New CISA vulnerability warning pilot program is a success
The Cybersecurity and Infrastructure Security Agency (CISA) recently announced its vulnerability warning program has issued over 2,000 alerts since its inception. The agency’s director, Jen Easterly, delivered remarks recently at the Institute for Security and Technology, sharing that these alerts...
Analyzing the latest Ivanti-linked CISA breach
Another day passes, another cyberattack strikes. This time, a recent incident impacted a major U.S. government entity known as the Cybersecurity and Infrastructure Security Agency (CISA). Back in February, CISA officials discovered that two of its internal computer systems were compromised by...
Top cybersecurity misconfigurations MSPs should address
As we embrace spring, the fall seems to be nothing but a memory. While 2024 holds new trends, threats, and opportunities for MSPs, there are still a few things to keep in mind from 2023. In October of last year,...
CISA and NSA weigh in on best cybersecurity practices for MSPs
The Cybersecurity and Infrastructure Security Agency (CISA), along with the National Security Agency (NSA), have defined a set of best cloud security practices that specifically call for managed services providers (MSPs) to provide more visibility into their IT operations. The...
Cybersecurity Threat Advisory: Ivanti alerts of new high-severity flaws
During Ivanti’s announcement of their fixes for the recent critical zero-day vulnerabilities, the software vendor alerts of two new high-severity flaws in its Connect Secure and Policy Secure products. One of which is said to be under targeted exploitation in...
Drones: Flying security opportunities for MSPs
As they continue to grow in popularity, drones are increasingly being included in managed service providers’ (MSPs) hardware and software management packages. For most MSPs, this is a natural extension, as drones are becoming more widely used in commercial applications,...
Scattered Spider spins a troublesome web
The Itsy-Bitsy Spider may have crawled up the waterspout, but the Scattered Spider could be crawling into your email box. CISA is sounding the alarm about Scattered Spider and the havoc it can wreak. The CISA bulletin says: “Scattered Spider...
Shields up: How MSPs can advance cybersecurity with cutting-edge technologies
“Bottoms up” is a good-natured toast or nudge to get one to finish their drink. The Cybersecurity and Infrastructure Security Agency (CISA) is introducing a good-natured nudge to get organizations to finish their resiliency called “Shields Up!” You probably won’t...
Top 10 cybersecurity misconfigurations identified by CISA and NSA
The CISA and NSA jointly released a list of the top 10 cybersecurity misconfigurations recently. These misconfigurations often lead to breaches and incidents that should be remedied. The report’s executive summary concludes: “These most common misconfigurations illustrate a trend of...