Blackpoint Cyber

#MSSPAlertLive kicks off today! 📢 Here's what you need to know. Panel Session 💬 → Change in the Channel: Where Partners Should Focus for the Future → 4:15PM ET | Monday, December 8 | Salon B & C → Speakers: Sharon Florentine (CyberRisk Alliance), Wilfredo Santiago (Blackpoint Cyber), Joe Morin (CyFlare), Dustin Bolander (Beltex Insurance) Breakout Session 🗣️ → Unified Security Posture: Illuminating the Blind Spots Where Adversaries Thrive → 11:35AM ET | Tuesday, December 9 | Mandalay Bay Meeting Room → Speaker: Wilfredo Santiago (Blackpoint Cyber) Meet the Team 🤝 → Stop by Booth 4 → Catch a live demo, grab free swag, and enter our giveaway! https://lnkd.in/dCR7K7nY | #Cybersecurity MSSP Alert Tim Sheahen Allison Connors #MSP #MSSP #MDR #ThreatIntel

Four experts. One debate. No punches pulled. 🥊 We're bringing together the best minds from Blackpoint Cyber, Forrester, and Lyra Technology Group to debate the future of the threat landscape. https://hubs.ly/Q03X6Q820 | #Cybersecurity What You Need to Know 🗓️ → Wednesday, December 17 | 1PM ET → Speakers: Zachary Sherf (Lyra Technology Group), Erik Nost (Forrester), Robert Russell (Blackpoint Cyber), and Jason B. (Blackpoint Cyber) The Topics 📝 → Will AI-powered attacks outpace basic hygiene failures? → Is cloud security just identity security in disguise? → Will SIEM finally die, or is it essential infrastructure? Get ready for a breakdown of tomorrow's attack patterns through the SOC's eyes. #ThreatHunting #ThreatIntel #MDR #MSP #MSSP

RMM abuse just got a new layer of camouflage. 👀 Blackpoint Cyber's Adversary Pursuit Group (APG) is tracking a new campaign where threat actors are using GoTo Resolve to covertly deploy ScreenConnect and WinGet across multiple verticals. The Kill Chain 🔦 • Initial Access: Users are tricked by malicious downloads, such as fake calendar invites. • The Pivot: The malicious file installs GoTo Resolve. • The Payload: GoTo Resolve beacons out and downloads ScreenConnect and WinGet to establish persistent access. Why use two RMMs? It’s about evasion and redundancy. Security tools are heavily scrutinizing ScreenConnect downloads right now. By wrapping the installation inside GoTo Resolve, a trusted tool, attackers hope to bypass detection while establishing a 'shadow IT' foothold. Read the full breakdown to see the IOCs, the victimology, and how to block this activity: https://hubs.ly/Q03X1GDy0 | #Cybersecurity #ThreatIntel #MSP #MDR #InfoSec

🚨 Threat Notice: Critical React & Next.js Vulnerabilities ('React2Shell') 🚨 Two critical vulnerabilities (CVSS 10) impacting React and Next.js have been disclosed, allowing for remote code execution (RCE) without authentication. What You Need to Know 👀 The vulnerabilities (CVE-2025-55182 & CVE-2025-66478) involve unsafe deserialization of payloads from HTTP requests. Threat actors can exploit this to execute arbitrary code without user interaction, potentially leading to full server compromise. Important Note ⚠️ Even if your app does not implement React Server Function endpoints, it may still be vulnerable if it supports React Server Components (RCS). Current Status 👇 While there is no confirmed active exploitation at the time of writing, a Proof-of-Concept (PoC) is available. This significantly increases the risk of imminent weaponization. Recommendations 💡 → Immediate Action: Upgrade React and dependencies to the latest available versions. → Audit: Review all React Server Components deployments. → Harden: Implement strict input validation for Server Function endpoints. Blackpoint Cyber's SOC and Adversary Pursuit Group (APG) are actively monitoring for signs of persistence, lateral movement, and tradecraft associated with this threat vector. #Cybersecurity #ThreatAlert #MDR #SOC

⚠️ Threat Notice: Gladinet CentreStack Exploitation ⚠️ Blackpoint Cyber's SOC has detected potential exploitation of Gladinet CentreStack environments. What We're Seeing 👀 On December 4, 2025, our team identified chains of anomalous subprocesses and unusual HTTP requests. This activity included commands indicative of discovery, defense evasion, and credential access—highly abnormal behavior for legitimate web applications. The Response 💪 In all observed cases, Blackpoint’s SOC took immediate, aggressive action to isolate the affected servers. This rapid response prevented further malicious behavior, stopping potential persistence and lateral movement in its tracks. Immediate Action Required ⚙️ Gladinet has communicated a potential vulnerability. We strongly recommend ensuring all CentreStack instances are updated to the latest available version: 16.11.10417.56762 (released November 29, 2025). Recommendations 💡 → Immediate Action: Apply the latest CentreStack updates from the vendor. → Audit: Review logs for indications of unauthorized access. → Harden: Limit external access to CentreStack interfaces wherever possible. → Monitor: Actively watch for suspicious deserialization activities. Blackpoint’s SOC and Adversary Pursuit Group (APG) will continue to monitor this situation closely and update accordingly. #Cybersecurity #ThreatAlert #MDR #SOC

How do you secure a global brokerage across 17 countries and multiple regulatory bodies? 🤔 You start with the right partner. See how Ambico Services Limited uses Blackpoint Cyber's platform to secure ARROW, reducing the client's operational risk and even lowering insurance costs. It's the perfect example of how an MSP transitions from IT provider to strategic partner. https://hubs.ly/Q03WDjt-0 | #Cybersecurity #MSP #MSSP #MDR

Sophisticated adversaries do more than break in — they integrate, too. 🚨 If you're going to #MSSPAlertLive, you can't miss this session. Wilfredo Santiago, Blackpoint Cyber Chief Security & Trust Officer, is leading the conversation on the blind spots created by fragmented security stacks. Drawing on frontline intelligence from our Adversary Pursuit Group (APG), Wil will break down: → How threat actors leverage the disconnection between tools to operate undetected. → Why traditional SIEMs and isolated EDRs are increasingly ineffective against these tactics. → Actionable insights on deploying a unified security posture that removes blind spots. Get full details on this session here: https://hubs.ly/Q03WsdQx0 | #Cybersecurity MSSP Alert #MSP #MSSP #MDR

We're teaming up with Channel Program to spread #Holidaze cheer! ❄️ Through December 12, two lucky winners each day will be gifted amazing cash and prizes — and all you have to do is register. https://hubs.ly/Q03WgKqR0 | #Giveaway #Cybersecurity #MSP #MSSP

Next stop: CyberFOX's #SecureITTampaBay! 📍 Blackpoint Cyber's Tim Sheahen, Jonathan Barnett, and Allison Connors are taking Tampa for the SecureIT Summit this week. If you're at the Tampa Marriott Water Street, let's chat! We're excited to meet with our MSP community and explore everything from cybersecurity to business growth. #Cybersecurity #MSP #MSSP #MDR

Happy Thanksgiving, from everyone at Blackpoint Cyber! 🦃 We want to express our gratitude to our incredible community of MSPs. You trust us to secure your businesses and your clients every day, including today — and for that, we're thankful. #Cybersecurity #MSP #MSSP #MDR