Critical VEEAM Backup Vulnerability
Multiple critical vulnerabilities are affecting several Veeam products. On September 4, 2024, Veeam released a security bulletin addressing several vulnerabilities impacting various Veeam products; three of which are classified as critical. Vulnerability CVSS Affected Product Description: Currently, no active exploitation or publicly available proof of concept (PoC) exploit code has been observed, however, given the history of ransomware targeting Veeam products, it’s crucial to act swiftly. TSI’s Proposed Next Steps…
Continued
TSI Day 2024!
Christopher Souza | CEO We recently celebrated TSI Day, a special occasion dedicated to honoring all of our hardworking employees and their accomplishments. We’re proud to have such a remarkable team and are so appreciative for everything that they do for TSI and our clients. About Technical Support International TSI is 35-year old cybersecurity (MSSP) and IT support (MSP) company specializing in helping DIB organizations address their NIST 800-171 and…
Continued
VMware ESXi Security Alert
Christopher Souza | CEO A critical VMware ESXi security flaw, CVE-2024-37085, is being exploited by ransomware groups. CVE-2024-37085 allows attackers to give themselves full administrative access to the ESXi hypervisor by exploiting Active Directory integration. This is possible due to an automatic configuration mode that all VMWare ESXi servers enter when Active Directory integration is used. By leveraging this automatic configuration feature, attackers who can gain enough access to Active…
Continued
How to Choose an IT Services Partner
Christopher Souza | CEO While many managed service providers advertise their technical skills and certifications, potential customers should analyze their core values as well. Technical skills are relatively constant throughout the market, but focuses on teamwork and continuous improvement are rare and should greatly influence your vendor decision. The truth is, all managed services providers (MSP) are far more alike than people realize – ourselves included. They all use the…
Continued
Ethan Norris | Marketing Coordinator As you may have heard, there was a significant outage currently affecting CrowdStrike services, which caused widespread disruptions to Windows systems globally. This issue was being reported across the globe and has been traced back to a problem with the CrowdStrike Falcon Sensor. CrowdStrike confirmed the issue in an alert at 1:30 a.m. ET on 7/19/2024, stating: “CrowdStrike is aware of reports of crashes on…
Continued
6 Months Until CMMC In Contracts: Fail to Prepare, Prepare to Fail!
Chris Riani | CISSP | CASP The proposed 32 CFR and 48 CFR CMMC rules have been submitted to the Office of Information and Regulatory Affairs (OIRA) with the expectation that they will be published between the end of 2024 and the first half of 2025, and will mandate specific CMMC levels (1, 2, or 3) in defense contracts. The publication of the upcoming 32 CFR and 48 CFR final…
Continued
Welcome to The New Microsoft Teams: What This Update Means For You and Your Organization
As of Friday, March 29, all classic Microsoft Teams users have been automatically upgraded to the new Teams platform. New Teams offers a range of changes and improvements, aiming to streamline and enhance collaboration across the board. In this article, we’ll cover all the new Teams updates to help clarify how these changes will impact your organization moving forward as well as all the newly available features that will help…
Continued
Is Your MSP, MSSP or Cloud Service Provider Risking Your NIST 800-171 Compliance & CMMC Readiness?
Are you a Defense Industrial Base (DIB) contractor that uses an External Service Provider (ESP) like AWS, GCC or an ERP that contains Controlled Unclassified Information (CUI)? Then you should consider that as of today, ESPs will be included in scope for assessments which require them to follow specific rules outlined in NIST 800-171 and the Cybersecurity Maturity Model Certification (CMMC ). In addition to this and although not a…
Continued
Security Alert for MFA – How Malicious Users Are Bypassing MFA
We’ve recently noticed a concerning trend that could impact you and your organization. Recently there has been a significant increase in incidents where malicious users are successfully bypassing Multi-Factor Authentication (MFA). This poses a serious risk to the security of your accounts and sensitive information. While MFA is a great security measure, even it’s not safe from being compromised. These recent incidents have involved sophisticated phishing attacks designed to trick…
Continued
Cybersecurity Insurance is a Waste of Money… Unless You’re Following These Four Requirements!
Christopher Souza | CEO Cybersecurity insurance is an increasingly popular solution for businesses to protect themselves against today’s volatile cybersecurity threats. While cybersecurity insurance can provide some degree of a safety net for businesses, there are numerous considerations to keep in mind for your cybersecurity policy to work and pay out a claim in the unfortunate case of a breach. In this article, we’ll clarify some often-overlooked requirements to help…
Continued
Cyber Security Policy Starter Kit:
10 Critical Policies That Every Company Should Have in Place
