Cybersecurity Threat Advisory: New attack tactic from DarkGate MaaS operation
The DarkGate Malware-as-a-Service (MaaS) operation are now using AutoHotkey to deliver the last stages of cyber attacks. Read this Cybersecurity Threat Advisory to learn more about this advanced tactic and how to mitigate your risks. What is the threat? DarkGate,...
Cybersecurity Threat Advisory: Critical vulnerability discovered in FortiSIEM
A new critical command injection vulnerability, CVE-2024-23108, found in Fortinet’s FortiSIEM solution. This vulnerability poses significant risks to organizations using the solution. Review this Cybersecurity Threat Advisory to learn more now. What is the threat? CVE-2024-23108 impacts FortiSIEM versions 6.4.0...
Cybersecurity Threat Advisory: Credential stuffing attacks targeting Okta
Okta has observed an unprecedented spike in credential stuffing attacks targeting its identity and access management solutions. Attackers are leveraging the TOR anonymization network and residential proxies to compromise user accounts. To mitigate this risk, Barracuda MSP recommends reading this...
Cybersecurity Threat Advisory: Active exploits of Cisco firewalls
Two vulnerabilities, CVE-2024-20353 (denial of service) and CVE-2024-20359 (persistent local code execution), were leveraged to create backdoors by a state-sponsored cyber-espionage group, ArcaneDoor, in Cisco firewalls. Review the recommendations in this Cybersecurity Threat Advisory to protect your firewall appliances now. What is...
Cybersecurity Threat Advisory: Critical vulnerability in Palo Alto PAN-OS
Palo Alto Networks has disclosed a critical vulnerability, CVE-2024-3400, impacting its PAN-OS software’s GlobalProtect feature. This flaw enables unauthenticated attackers to execute arbitrary code with root privileges on affected firewalls. Review this Cybersecurity Threat Advisory to keep your organization secure...
Cybersecurity Threat Advisory: TA558 phishing campaign
The threat actor TA558 is conducting a phishing campaign targeting various sectors in Latin America, intending to deploy the remote access tool known as Venom RAT. Barracuda MSP encourages organizations to follow the recommendations detailed in this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: StrelaStealer malware targets organizations
A new email threat, StrelaStealer malware, is targeting Europe and United States organizations. It spreads through phishing emails with attachments that execute its dynamic-link library (DLL) payload designed to steal email login data. This Cybersecurity Threat Advisory reviews the threat...
Cybersecurity Threat Advisory: Glibc root access vulnerability
A critical security flaw in the GNU C Library (glibc) has been disclosed, tracked as CVE-2023-6246. It allows malicious attackers to gain full root access on Linux machines. Read this Cybersecurity Threat Advisory to learn how to mitigate the risks...
Cybersecurity Threat Advisory: Critical RCE vulnerability
A critical pre-authentication remote code execution (RCE) vulnerability, CVE-2024-21591, has been patched in Juniper Networks’ Junos OS on SRX firewalls and EX switches. Exploitable via an out-of-bounds write, the flaw poses risks of denial-of-service (DoS), RCE attacks, or unauthorized root...
Cybersecurity Threat Advisory: Google OAuth vulnerability
In this Cybersecurity Threat Advisory, we’re looking at a critical Google OAuth vulnerability that allows ex-employees to maintain access to applications such as Slack and Zoom. After off boarding, attackers can achieve access by creating non-Gmail accounts using corporate email...
