One Piece of Cybersecurity Advice Every MSP Should Hear
Our partners are living the advice they give every day.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
The Secret Backdoor in Your Firewall... How Attackers Get In WITHOUT Hacking!#cybersecurity#InfoSec
Your WAF is Providing a False Sense of Security Improper network configuration can completely nullify the effectiveness of your Web Application Firewall. If attackers can discover your origin server's direct IP address: They can bypass your expensive security controls entirely. Your "internal" services become externally exposed. You have a massive, unknown gap in your defenses. This animation is a clear example of why security doesn't end with buying a tool. Proper integration and a zero-trust mindset are non-negotiable.
Best server backup solutions: Top five picks for 2025
Today, data is the engine of modern business. Yet, the threats to that engine — from sophisticated ransomware attacks and cloud misconfigurations to simple hardware failures — have never been greater. For organizations of all sizes, a reliable server backup strategy is more than an IT task — it’s a foundation for survival. Without truly reliable server backup solutions, a single incident can lead to catastrophic downtime, regulatory fines and permanent damage to your reputation.
Cracking the Massive File Problem
Big projects come with big files. CAD drawings. Media assets. Genomic data. These files aren’t just large—they’re monsters. Moving them from desktops to on-premises servers and back again eats up time, bandwidth, and patience. And when teams hack together workarounds like wired connections, FTP drops, or USB drives, it slows progress and traps files in silos. The cloud should make this easier. Security, flexibility, and access are givens today.
Why Ethical Tech Design Should Be Part of Compliance Requirement
Building a great app used to be quite simple. Get a good team together, come up with exciting features, write the code, and get it out the door as fast as possible. All you needed was to make sure your product met user expectations, as well as compliance requirements like data protection, security, and privacy. The ethical stuff? That was often just a nice-to-have and maybe something for your legal team to check off. But those days are far gone.
PCI DSS 6.4.3 & 11.6.1: What QSAs Expect to See
Back in 2022, PCI DSS v4.0 set the stage for a new era of payment security. For the first time, it asked organizations to look beyond their servers and into the browser itself. Then, on April 1, 2025, the “future-dated” requirements, 6.4.3 and 11.6.1, moved from guidance to mandate, decisively shifting attention to mitigating client-side risk. In plain English, the spotlight is now on what’s happening in the browser.
SharpParty: Process Injection in C#
As Anti-Virus and EDR solutions improve in detection and response capabilities, the job of a red teamer can become quite arduous. Malware payloads and techniques that once dominated networks have failed the test of time as EDR becomes aware of them. If your initial access payloads are detected immediately, your six-week long red team could be dead on arrival.
The Security Imperative: Trust, Speed, and Integral Defense
The systemic nature of software supply chain attacks is growing more complex, creating a critical tension between speed and security. The Israeli National Cyber Directorate’s (INCD) recent “Breaking the Chain” report validates that the most significant threats live outside your first-party code, highlighting a crisis of trust in the open-source-software (OSS) supply chain.
NTLM Relay Attacks: Back from the Dead - and Still Haunting Active Directory
NTLM Relay attacks should be history. Yet in 2025, they remain one of the most effective ways to compromise Active Directory. We first covered this problem back in 2020, when we wrote about a troubling vulnerability that refused to die: NTLM Relay attacks. At the time, many believed NTLM Relay attacks were a relic of the past, an old problem long solved by Kerberos and modern authentication protocols.
Configuration management for secure endpoint control
Configuration management enforces consistent endpoint and system policies to prevent misconfigurations, reduce risk, and simplify compliance. By establishing secure baselines, automating enforcement, and detecting configuration drift, organizations strengthen their security posture. Netwrix Endpoint Management further enhances protection with automated monitoring, rollback, and compliance alignment to safeguard sensitive data and identity-based access.