SMBs

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents

credentials, Don't miss, Endpoint Security, enterprise, Hot stuff, Huntress, News, Ransomware, Rapid7, SMBs, SonicWall /

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents 2025-09-16 at 15:46 By Zeljka Zorz All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira ransomware attacks Managed security service providers and external incident responders have had a […]

React to this headline:

Loading spinner

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents Read More »

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers

Arctic Wolf Networks, data theft, Don't miss, enterprise, Hot stuff, malvertising, Malware, malware analysis, News, SMBs /

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers 2025-09-09 at 09:46 By Zeljka Zorz Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers. “We believe the goal of this campaign was to gain initial access to organizations for

React to this headline:

Loading spinner

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers Read More »

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)

0-day, Don't miss, enterprise, Hot stuff, Mandiant, News, Sitecore, SMBs /

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690) 2025-09-04 at 14:48 By Zeljka Zorz A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several Sitecore solutions, Mandiant has revealed. About CVE-2025-53690 CVE-2025-53690 is a ViewState deserialization vulnerability that affects any version of Sitecore

React to this headline:

Loading spinner

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690) Read More »

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987)

Don't miss, Endpoint Security, enterprise, Hot stuff, News, SMBs, Trend Micro, vulnerability /

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) 2025-08-06 at 15:05 By Zeljka Zorz Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform are being probed by attackers, the company has warned on Wednesday. Unfortunately for those organizations that use it, a patch

React to this headline:

Loading spinner

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) Read More »

Security tooling pitfalls for small teams: Cost, complexity, and low ROI

CISO, cloud security, Compliance, cybersecurity, Don't miss, Features, generative AI, GRC, Hot stuff, News, opinion, Risk Management, Scrut Automation, SMBs, strategy, tips /

Security tooling pitfalls for small teams: Cost, complexity, and low ROI 2025-08-05 at 10:11 By Mirko Zorz In this Help Net Security interview, Aayush Choudhury, CEO at Scrut Automation, discusses why many security tools built for large enterprises don’t work well for leaner, cloud-native teams. He explains how simplicity, integration, and automation are key for

React to this headline:

Loading spinner

Security tooling pitfalls for small teams: Cost, complexity, and low ROI Read More »

AI is changing the vCISO game

CISO, cybersecurity, Cynomi, Don't miss, News, report, risk assessment, SMBs, strategy, survey /

AI is changing the vCISO game 2025-07-31 at 08:02 By Anamarija Pogorelec Virtual CISO (vCISO) services have moved from niche to mainstream, with vCISO services adoption 2025 data showing a more than threefold increase in just one year. According to Cynomi’s 2025 State of the Virtual CISO report, 67% of MSPs and MSSPs now offer

React to this headline:

Loading spinner

AI is changing the vCISO game Read More »

Microsoft rolls out Windows 11 “quick recovery” feature

automation, consumer, Don't miss, enterprise, Hot stuff, News, SMBs, Windows /

Microsoft rolls out Windows 11 “quick recovery” feature 2025-07-23 at 18:31 By Zeljka Zorz With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown during an unexpected

React to this headline:

Loading spinner

Microsoft rolls out Windows 11 “quick recovery” feature Read More »

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)

CrushFTP, Don't miss, enterprise, exploit, file-sharing, Hot stuff, News, Rapid7, Shadowserver, SMBs, vulnerability /

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) 2025-07-21 at 15:42 By Zeljka Zorz Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using this access for, but data theft looks most likely. According to

React to this headline:

Loading spinner

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) Read More »

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)

Censys, Don't miss, exploit, file-sharing, Hot stuff, Huntress, MSP, News, PoC, RCE Security, SMBs, vulnerability, Wing FTP server /

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) 2025-07-11 at 15:32 By Zeljka Zorz Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP Server and CVE-2025-47812 Wing FTP Server is a commercial file transfer server solution used by businesses,

React to this headline:

Loading spinner

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) Read More »

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)

Cisco, communication, Don't miss, enterprise, Hot stuff, News, SMBs, vulnerability /

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309) 2025-07-03 at 14:19 By Zeljka Zorz Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow unauthenticated remote attackers to log into a vulnerable Cisco Unified Communications Manager (Unified CM) and

React to this headline:

Loading spinner

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309) Read More »

Windows 10: How to get security updates for free until 2026

consumer, Don't miss, enterprise, Hot stuff, Microsoft, News, security update, SMBs, Windows /

Windows 10: How to get security updates for free until 2026 2025-06-25 at 14:45 By Zeljka Zorz Users who want to stick with Windows 10 beyond its planned end-of-support date but still receive security updates, can enroll into the Windows 10 Extended Security Updates (ESU) program, Microsoft has confirmed on Tuesday. Microsoft’s (self-evident) long-term goal

React to this headline:

Loading spinner

Windows 10: How to get security updates for free until 2026 Read More »

Microsoft unveils “centralized” software update tool for Windows

backup, Don't miss, enterprise, Hot stuff, Microsoft, News, orchestration, SMBs, Windows /

Microsoft unveils “centralized” software update tool for Windows 2025-05-29 at 14:49 By Zeljka Zorz Microsoft is looking to streamline the software updating process for IT admins and users by providing a Windows-native update orchestration platform, and to help organizations upgrade their computer fleet to Windows 11 with the help of Windows Backup for Organizations. The

React to this headline:

Loading spinner

Microsoft unveils “centralized” software update tool for Windows Read More »

Attackers hit MSP, use its RMM software to deliver ransomware to clients

Don't miss, Hot stuff, MSP, News, Ransomware, remote management, SimpleHelp, SMBs, Sophos, vulnerability /

Attackers hit MSP, use its RMM software to deliver ransomware to clients 2025-05-28 at 14:36 By Zeljka Zorz A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium

React to this headline:

Loading spinner

Attackers hit MSP, use its RMM software to deliver ransomware to clients Read More »

Outsourcing cybersecurity: How SMBs can make smart moves

Compliance, ConnectWise, cybersecurity, MSP, News, SMBs, strategy, tips /

Outsourcing cybersecurity: How SMBs can make smart moves 2025-05-23 at 08:32 By Anamarija Pogorelec Outsourcing cybersecurity can be a practical and affordable option. It allows small businesses to get the protection they need without straining their budgets, freeing up time and resources to focus on core operations. 76% of SMBs lack the in-house skills to

React to this headline:

Loading spinner

Outsourcing cybersecurity: How SMBs can make smart moves Read More »

Fake AI platforms deliver malware diguised as video content

Artificial Intelligence, cybercrime, Don't miss, Hot stuff, Malware, Morphisec, News, scams, SMBs, social engineering /

Fake AI platforms deliver malware diguised as video content 2025-05-09 at 16:53 By Zeljka Zorz A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an unusual twist, the threat actors are not disguising the malware as legitimate software, but

React to this headline:

Loading spinner

Fake AI platforms deliver malware diguised as video content Read More »

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)

Don't miss, Hot stuff, News, Rapid7, security update, SMBs, SonicWall, VPN, vulnerability /

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) 2025-05-08 at 15:38 By Zeljka Zorz SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete vulnerability that was exploited in zero-day attacks in early 2021, and may have also

React to this headline:

Loading spinner

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) Read More »

PoC exploit for SysAid pre-auth RCE released, upgrade quickly!

Don't miss, enterprise, Hot stuff, ITSM, News, PoC, SMBs, SysAid, vulnerability, WatchTowr /

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! 2025-05-07 at 15:45 By Zeljka Zorz WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service management and IT helpdesk solutions – to achieve unauthenticated remote code execution on

React to this headline:

Loading spinner

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! Read More »

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)

CISA, Don't miss, exploit, Hot stuff, News, PoC, SMBs, SonicWall, vulnerability, WatchTowr /

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) 2025-05-02 at 16:18 By Zeljka Zorz Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise Sonicwall secure mobile access devices, the vendor has confirmed by updating the associated advisories. CISA has added the two flaws to its Known Exploited Vulnerabilities catalog,

React to this headline:

Loading spinner

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) Read More »

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)

CISA, Don't miss, Hot stuff, News, SMBs, SonicWall, vulnerability /

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) 2025-04-18 at 14:47 By Zeljka Zorz CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security advisory to reflect the new state of play, and by changing the description of the vulnerability

React to this headline:

Loading spinner

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) Read More »

Critical flaws fixed in Nagios Log Server

Don't miss, enterprise, exploit, Hot stuff, log management, Nagios Log Server, News, PoC, SMBs, vulnerability /

Critical flaws fixed in Nagios Log Server 2025-04-15 at 13:47 By Zeljka Zorz The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability

React to this headline:

Loading spinner

Critical flaws fixed in Nagios Log Server Read More »

Scroll to Top