Cybersecurity Threat Advisory: New SysJoker Malware Targets Windows, Linux, and macOS
Threat Update SysJoker, a new multi-platform backdoor that attacks Windows, Mac, and Linux operating systems was discovered in December 2021 and has been used to target a leading educational institution amongst other undisclosed organizations. The Linux and Mac versions of...
Cybersecurity Threat Advisory: Microsoft Releases Emergency Updates for Issues with Windows
Threat Update In response to critical bugs in its Patch Tuesday release for January 2022, Microsoft has released several out-of-band (OOB) updates to their Windows Server updates. After initially pulling these updates for further review on January 13, Microsoft made...
Cybersecurity Threat Advisory: “Karakurt” Threat Group Exfiltrating Data for Extortion
Threat Update A recently discovered threat group called “Karakurt” has compromised several small and medium-sized organizations by deploying ransomware dedicated to exfiltrating their sensitive data and extorting them for money with threats to publicly release said data. The “Karakurt” ransomware...
Cybersecurity Threat Advisory: Google Releases First Patches for 37 Chrome Vulnerabilities
Threat Update In response to a critical use-after-free vulnerability and 36 more potential exploits, Google has released a series of updates to its Internet browser, Chrome. Barracuda MSP recommends that you update your browsers immediately to prevent cyber criminals from...
Cybersecurity Threat Advisory: VMware Patches Bug Affecting ESXi, Workstation and Fusion
Threat Update VMWare has released patches and workarounds for various products (including ESXi 6.5, 6.7 and 7, Fusion 12.x, Workstation 16.x, and VMware Cloud Foundation) to address a key security vulnerability that could be exploited by threat actors to gain...
Cybersecurity Threat Advisory: Continued Log4j Scanning Activity
Threat Update In recent weeks, Microsoft has observed continued attempts by nation-state adversaries and commodity attackers to exploit security vulnerabilities uncovered in the Log4j open-source logging framework. Barracuda MSP’s Security Operation Center (SOC) is also observing scanning activity and exploit...
Cybersecurity Threat Advisory: Microsoft Patch Tuesday, December 2021
Threat Update Microsoft’s Patch Tuesday release for December 2021 comes with a Windows update that will apply patches for 67 different vulnerabilities. This update includes fixes for 7 critical vulnerabilities, and included fixes that prevented Denial of Service, Remote Code...
Barracuda Networks and Apache Log4j vulnerability
The Log4j vulnerability has recently made headlines around the world. Concerns around this vulnerability center on the fact that an attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message...
Cybersecurity Threat Advisory: Surge in Attacks Against WordPress Sites
Threat Update WordFence, a WordPress security platform, stated that they have blocked 13.7 million attacks against WordPress sites in the span of 36 hours. The number of attacks reflects a dramatic increase in activity from threat actors, originating from 16,000...
Cybersecurity Threat Advisory: SonicWall Patches Critical Vulnerabilities in VPN Appliances
Threat Update SonicWall, a widely-used network security company, has released patches to address several critical vulnerabilities within their SMA 100 Series VPN appliances. These vulnerabilities could allow attackers to execute arbitrary code, modify/delete files, bypass firewall rules, and even gain...