Tag: Cybersecurity Threat Advisory

Cybersecurity Threat Advisory: NortonLifeLock compromised

Cybersecurity Threat Advisory: NortonLifeLock compromised

Recently, thousands of NortonLifeLock customers had their accounts compromised, potentially allowing malicious actors to access user password managers. Gen Digital, Norton LifeLock’s parent company, has sent notices to over 6,000 customers whose accounts were compromised.

/ January 18, 2023
Cybersecurity Threat Advisory: LastPass’ security incident update

Cybersecurity Threat Advisory: LastPass’ security incident update

LastPass provided an update to their August incident where an unauthorized access occurred in their cloud storages. The incident involved storages that contain production data and certain metadata of LastPass subscribers.  LastPass recommends businesses to review and update their passwords,...

/ December 28, 2022
Cybersecurity Threat Advisory: Linux Kernel Vulnerability

Cybersecurity Threat Advisory: Linux Kernel Vulnerability

The Zero Day Initiative (ZDI) has disclosed a new Linux Kernel Vulnerability that could lead to code execution in the context of the kernel. The security flaw is a bug in the new Linux 5.15 SMB3 server, ksmbd. The ZDI...

/ December 27, 2022
Cybersecurity Threat Advisory: Best practices for the holiday season

Cybersecurity Threat Advisory: Best practices for the holiday season

Barracuda MSP would like to wish everyone a happy holiday season! As organizations around the world are getting ready for some well-deserved time off, hackers are ramping up their infiltration efforts. Threat intel data indicates we will experience a sizable...

/ December 22, 2022
Cybersecurity Threat Advisory: Apple zero-day vulnerability

Cybersecurity Threat Advisory: Apple zero-day vulnerability

This week, Apple has released security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code. This vulnerability could potentially allow threat actors to bypass...

/ December 15, 2022
Cybersecurity Threat Advisory: Citrix Zero-Day Vulnerability

Cybersecurity Threat Advisory: Citrix Zero-Day Vulnerability

Today, Citrix has released a critical security update to address a zero-day vulnerability. Upon a successful exploitation, an unauthenticated remote attacker could perform code execution leading to system takeover. Both Citrix and the NSA stated they are aware of targeted...

/ December 13, 2022
Cybersecurity Threat Advisory: New FortiOS patches available

Cybersecurity Threat Advisory: New FortiOS patches available

Today, Fortinet disclosed information regarding a vulnerability that allows a remote attacker to execute code without authentication. The vulnerability, tracked as CVE-2022-42475, has a severity score of 9.3. Fortinet mentioned that they are aware of an instance where it has...

/ December 12, 2022
Cybersecurity Threat Advisory: New VMware patches available

Cybersecurity Threat Advisory: New VMware patches available

This week, VMware released three security patches for a critical authorization bypass vulnerability in the Workspace ONE Assist solution. The vulnerability could potentially allow remote attackers to bypass authentication and elevate their privileges within the system. The vulnerabilities are tracked as...

/ November 10, 2022
Cybersecurity Threat Advisory: ConnectWise critical security release

Cybersecurity Threat Advisory: ConnectWise critical security release

A critical vulnerability was discovered within the ConnectWise Recover and R1Soft Server Backup Manager. The vulnerability is described by ConnectWise as “improper neutralization of special elements in output used by a downstream component”. Successful exploitation of the vulnerability would allow...

/ October 31, 2022
Cybersecurity Threat Advisory: Fortinet vulnerability CVE-2022-40684

Cybersecurity Threat Advisory: Fortinet vulnerability CVE-2022-40684

Fortinet has identified a critical vulnerability tracked as CVE-2022-40684. Upon a successful exploitation, a threat actor can remotely log into devices with FortiGate firewalls or FortiProxy web proxies using an authentication bypass on the administrative interface. Barracuda MSP recommends customers...

/ October 7, 2022