Remote desktop software allows employees to connect into their computer network without being physically linked to the host device or even in the same location. This makes it a useful tool for a distributed or remote workforce. Unfortunately, remote desktop software is also a prime target for cyberattack. Among the security challenges facing IT teams implementing remote desktop software is that there are many different tools available, each using different and sometimes several ports to operate. Ports are virtual connection points that allow computers to differentiate between different kinds ..read more

Okta has observed an unprecedented spike in credential stuffing attacks targeting its identity and access management solutions. Attackers are leveraging the TOR anonymization network and residential proxies to compromise user accounts. To mitigate this risk, Barracuda MSP recommends reading this Cybersecurity Threat Advisory in full and taking the recommended steps. What is the threat? Credential stuffing attacks are a form of cyberattack where attackers use automated scripts and tools to systematically test large numbers of username and password combinations obtained from previous data brea ..read more

The Cybersecurity and Infrastructure Security Agency (CISA) recently announced its vulnerability warning program has issued over 2,000 alerts since its inception. The agency’s director, Jen Easterly, delivered remarks recently at the Institute for Security and Technology, sharing that these alerts have gone to organizations running software with vulnerabilities actively being exploited by ransomware gangs. The program is currently in the pilot phase. It is mandated by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). It aims to reduce the number of ransomware att ..read more

While no one knows for certain what percentage of the trillions of dollars spent on IT might be accounted for by managed service providers (MSPs), but recent research suggests MSP IT spending is growing at a significant rate. A survey of 250 MSP executives finds that 80 percent of respondents have increased their IT budgets overall. Two-thirds (67 percent) have doubled (50 percent) their IT budget size. Also, more than a quarter (27 percent) said they have increased their IT budget by as much as 60-70 percent. Conducted by ETB Technologies, a provider of refurbished IT equipment, the survey a ..read more

Given the surge of incidents within the past decade, many people are becoming familiar with ransomware and data breaches. However, a new type of cyberattack known as killware has emerged in recent years. It’s now a major security issue for organizations. But what does the term “killware” actually mean? Let’s take a look: Killware and industries that are vulnerable to these attacks Security Magazine describes killware as a cyberattack that is deployed with the intent of producing real-life risk to communities through the manipulation of operational technology (OT). Put simply, killwa ..read more

Three critical vulnerabilities have been discovered in the Forminator plugin for WordPress, affecting over 300,000 websites. Barracuda MSP advises users to review this Cybersecurity Threat Advisory in detail to learn proper measures for safeguarding your websites. What is the threat? The Forminator WordPress plugin has three critical vulnerabilities: CVE-2024-28890 (CVSS score of 9.8), CVE-2024-31077, and CVE-2024-31857. Below are the technical details behind each vulnerability: CVE-2024-28890 – File upload vulnerability: This vulnerability arises from insufficient validation of files durin ..read more

It’s ironic that a computer deemed “not good enough” could have reigned as the world’s fastest computer for three years and made a lasting impact on the tech industry. But that’s the story we dive into in this edition of Tech Time Warp: The IBM 7030, aka “Stretch” because it took computer design to such new heights. The Stretch Project began in 1956 and was led by engineer Stephen Dunwell, who during World War II had developed a top-secret computer that could decode intercepted radio transmissions. Dunwell’s team undertook the task of creating the world’s fastest computer for use in nuclear ..read more

Two vulnerabilities, CVE-2024-20353 (denial of service) and CVE-2024-20359 (persistent local code execution), were leveraged to create backdoors by a state-sponsored cyber-espionage group, ArcaneDoor, in Cisco firewalls. Review the recommendations in this Cybersecurity Threat Advisory to protect your firewall appliances now. What is the threat? Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls had two critical vulnerabilities exploited: CVE-2024-20353: Denial-of-Service (DoS) vulnerability. Allows attackers to disrupt services on the targeted fire ..read more

The marketing industry is a fascinating one. When you look up tips from experts, you’ll see all kinds of misconceptions, myths, and conflicting information. However, this isn’t because the experts don’t know what they are talking about. For one, the managed service provider (MSP) marketing space differs from most. Second, marketing is an industry where the “shiny new object” syndrome runs rampant. Third, the marketing landscape changes by the second. What worked like magic one day can be completely obsolete the next. This means the industry is full of flash-in-the-pan fads. However, plenty o ..read more

We have reported extensively on the cybersecurity talent shortage plaguing the industry. The shortage is more than just a personnel issue though, it represents a serious cybersecurity problem. For instance, a Gartner report says that by 2025, half of all cybersecurity incidents will occur because of “a lack of talent or human failure.” This week, we are taking another look at this topic in an interview with Steve Satterwhite, CEO of Entelligence, a company that monitors and analyzes the cybersecurity landscape. 2024 Trends: A dichotomy Satterwhite says he has noticed several key trends in hir ..read more