Cybersecurity

8 Tips to Maintain Cyber Hygiene

The COVID-19 pandemic made companies realize that how important it is to protect their data. Moreover, they have realized that how crucial the role of MSPs and other IT service providers is in protecting the data. As vaccines continue to roll out, businesses are now moving from remote work to hybrid work environment. With this…

Read more
Managed Services

Top 13 Email Threats You Should Know About

A cyberattack can affect your business in many ways, depending on its nature, scope, and severity. According to the FBI’s Internet Crime Complaint Center (IC3), cybercrime cost $3.5 billion in losses in 2019 alone, with business email compromise (BEC) causing the most damages. That doesn’t include unreported losses, which are significant. IC3 received 467,361 complaints…

Read more

Threat Intelligence Brief by our Partner Fortinet

Top 5 Application Vulnerabilities / IPS Distribution Rank – Name – % 1. ThinkPHP.Controller.Parameter.Remote.Code.Execution – 25% 2. PHPUnit.Eval-stdin.PHP.Remote.Code.Execution – 21% 3. NETGEAR.DGN1000.CGI.Unauthenticated.Remote.Code.Execution – 19% 4. Telerik.Web.UI.RadAsyncUpload.Handling.Arbitrary.File.Upload – 19% 5. Dasan.GPON.Remote.Code.Execution – 16% Top 5 Malware Activity Distribution Rank – Name – % 1. MSOffice/CVE_2017_11882.C!exploit – 24% 2. W32/Generic_PUA_KL!tr – 23% 3. JS/RefC.G!tr – 19% 4. W32/Agent.HTL!tr.rkit – 18% 5. MSIL/GenKryptik.EKLE!tr – 16%

Read more
Cybersecurity

Canada – Canada Revenue Agency (CRA)

The CRA has locked down 800,000 online taxpayer accounts following an internal investigation that found user logins and other sensitive information may have been hacked. The agency noted that it could take until March 22 for the issues to be resolved. Here’s the full story

Read more
Cybersecurity

France – European Banking Authority (EBA)

The first dominos to fall in the massive Microsoft breach (see above) will be government entities in the US and Europe. Starting that trend, the European Banking Authority has announced that it’s been impacted. EBA officials say that personal data may have been accessed from its servers. The agency has taken its email system offline…

Read more
Cybersecurity

United States – Microsoft

Microsoft recently reported that suspected Chinese nation-state actors have exploited a flaw in Exchange that has given them access to data and/or email accounts. According to estimates 30,000 or so customers and 18,000 servers were affected. This flaw impacts a broad range of customers, from small businesses to local and state governments and some military…

Read more
Managed Services

Six (6) Steps to address Zero-Day Exploits on Exchange Servers

Four (4) zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited by Hafnium, which the State Department believes is a state sponsored group that typically targets US entities with the goal of exfiltrating data. The zero-day vulnerabilities in Exchange, according to Microsoft, include the following: CVE-2021-26855 – Vulnerability allowing outside party to make untrusted connection…

Read more
Software Development

Serverless Computing

Serverless computing is a misnomer. Computing is impossible without the presence of a machine. Just like a virus needs a host, code can also not run in thin air, it needs machine resources to take input, process, and then produce output. So then what is serverless computing, and why is it gaining so much popularity? Basically serverless computing is…

Read more
Cybersecurity

United States – Spotify

Spotify has returned for another appearance with a credential stuffing disaster eerily similar. This time, data of approximately 100k users appeared in an Elasticsearch instance spotted by researchers. This is distinctly different data than the load that researchers discovered in November 2020. Here’s the full story

Read more