RESEARCH
Part 1: Threat Actors Don't Pick You. You Just Happen to Be There.
There's this idea that floats around—usually in boardrooms and in forums—that advanced threat actors operate like surgeons. They pick a target, they plan it out, they execute. Super deliberate. Undeniably cinematic. It implies that a breach is something that happens ...
Cyber Compliance
Stop Getting Mad When Your Client Won’t Buy Compliance
You know the look. You explain how they need MFA, a risk assessment, documented policies, backups that actually restore… and your client stares back at you like you just recited the GDPR in ancient Greek. You leave the meeting frustrated. ...
“Fined Without a Breach?” Why the Wojeski $60,000 Penalty Matters—even if You Think You’re Small
You’ve seen two kinds of headlines after cyber incidents: (1) lawsuits and (2) regulatory enforcement. The recent $60,000 fine against Wojeski ...
New California Audit Law Just Put Your MSP on the Hook. Here’s How to Turn It Into Recurring Revenue
If your clients process sensitive data, your MSP is now part of the legal conversation. On July 24, 2025, California finalized new rules that require businesses processing high-risk personal information to undergo annual, independent cybersecurity audits. This isn’t just for ...
Cyber Liability
One Misconfigured AI Agent Can Impact Every Client You Manage
When One Action Hits Every Client, Governance Decides the Outcome Imagine a hypothetical that’s taught in law school every semester: A delivery driver abandons his route to join a drum circle for three days. On his way back, he causes ...
They Already Have an IT Department. Good. That’s Why You Should Call.
Last night I was at dinner with the CEO of an MSP. Good operator. Growing. Adding clients. Doing the work. We were walking around his town before dinner talking about the usual founder stuff. Processes. How to get people to ...
Agentic AI at the Edge: Opportunity, Autonomy & the Coming Legal Minefield
You’ve probably heard executives gush about autonomous AI agents, the shiny new productivity booster that can automate workflows faster than you can say “zero-trust.” But what they don’t hype is how agentic AI turns your cybersecurity playbook into an existential ...
Insurance & MSP Liability
The Clients You're Ignoring Are the Ones Who Will Sue You
I said something on stage at XChange last week that made a lot of people in the room uncomfortable. "Your smallest clients are your biggest risk." Not your enterprise accounts. Not the ones with complex environments and demanding SLAs. The ...
You’re Not Insured. You’re Just Hopeful.
So there I am, wrapping up a conference session—over 1,000 MSPs in the building—and one guy comes up clutching a fresh copy of Standardized like it’s a fire extinguisher in a server room. He’s nodding along, clearly rattled in all ...
Your MSP Carries More Risk Than a Magazine Stand—and That’s a Problem
Let’s talk about airport gift shops for a minute. You know the ones—tiny kiosks with $14 neck pillows, expired jerky, and three copies of Men’s Health no one’s ever going to read. Now, tell me—how much sensitive data do you ...
More Articles
Hackers Are Breaking Into Microsoft Teams And Dropping Malware
Researchers at Avanan are a Check Point subsidiary. They have recently issued a warning that anyone who uses Microsoft Teams should be aware of. According to the latest statistics, more than 270 ...
Hackers Are Setting Their Sights On Linux Systems
For most of the history of the internet Linux has been able to stay below the radar of hackers around the world. While there have been some attacks that specifically targeted Linux ...
New Malware Is Using CSV Files To Infect Users
Researchers have spotted a new phishing campaign you should be aware of. What sets this one apart is that the hackers are using a lowly but specially crafted CSV file to infect ...
Last Year Microsoft Blocked More Than 25 Billion Hacker Attacks
Individual users often don't have a good sense of the scope and scale of hacking attacks around the world. The numbers may shock you. According to Microsoft, in 2021 the company blocked ...
More Scammers Are Using Social Media To Target Victims
An increasing number of scammers are using social media to target victims and relying on social engineering tricks to convince people to part with their personal information or money. The problem has ...
Microsoft Defender Adds Cross Platform Mobile Protections
Microsoft recently announced an important upgrade to Microsoft Defender. It now supports vulnerability management for both Android and iOS. The company's announcement reads in part as follows: "With this new cross-platform coverage, ...
Mac Malware Is Becoming A Bigger Threat For Users
In late 2020 a new strain of malware called UpdateAgent appeared and began infecting Mac users. Initially the strain wasn't all that worrisome. It stole system information but it was by no ...
Additional Security Recently Added To Office 365
Back in September of 2020 Microsoft announced that it was experimenting with the addition of SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online. This was done in a bid to ...
New Android Malware Steals Data And Factory Resets Phones
BRATA malware was first spotted in the wilds by Kaspersky back in 2019. Its earliest incarnation saw it targeting e-banking users and it was designed to steal banking and login credentials of ...
Suspicious Files Get New Warnings In Google Drive
If you have Google Drive, there's good news. The company has recently announced that soon they'll be rolling out a new feature to help alert users to the presence of suspicious documents. ...
High Profile Instagram Accounts Being Held For Ransom By Hackers
Hackers have recently hit upon a new money-making scheme. Some groups have started breaking into Instagram accounts belonging to people with high numbers of followers. They are then holding those accounts hostage ...
Dark Herring Subscription Scam Affected Millions Of Android Users
Google partner Zimperium zLabs has recently discovered a sophisticated scam targeting more than 100 million Android users. The scam has been in operation right under Google's nose for nearly two years. The ...
