Devyn Souza

All posts by Devyn Souza

Devyn is a Cybersecurity Analyst at Barracuda. He's a security expert, working on our Blue Team within our Security Operations Center. Devyn supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Tip Tuesday
Tip Tuesday: Crafting a BCDR policy that actually works for hybrid environments

A business continuity and disaster recovery (BCDR) policy is essential for protecting client environments from disruptive events. Traditional BCDR plans explain how to recover critical functions and restore data, but they often stop short of addressing the full complexity of...

/ August 19, 2025
SOC Case Files
The SOC case files: XDR contains two nearly identical attacks leveraging ScreenConnect

Take a look at this edition of ‘The SOC case files’ to see how Barracuda’s Managed XDR team recently helped two companies mitigate incidents where attackers compromised computers and installed rogue ScreenConnect remote management software. The incidents were neutralized before...

/ July 7, 2025
The SOC case files
The SOC case files: Ransomware gang reemerges to face a wall of XDR defenses

Dive into this edition of ‘The SOC case files’ to see how Barracuda’s Managed XDR team recently contained a suspected ransomware attack after the attackers gained access to a company’s network before it installed Managed XDR, compromising several Windows...

/ May 21, 2025
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Adobe ColdFusion vulnerability

A vulnerability within Adobe ColdFusion could result in arbitrary system file reads and writes. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat? The vulnerability, tracked as CVE-2024-20767, was found within the...

/ December 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Windows kernel vulnerability

A pointer dereference weakness was discovered within the Microsoft Kernel Streaming Service that would allow an attacker to escalate their privileges to SYSTEM without any user interaction being required. Review the details in this Cybersecurity Threat Advisory to learn how...

/ December 20, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Okta username flaw

Researchers have discovered a critical vulnerability in Okta which allows a user to authenticate to an account with a username longer than 52 characters without multi-factor authentication (MFA) enabled. Read this Cybersecurity Threat Advisory to learn how this may impact...

/ November 7, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New critical GitLab SAML vulnerability

A new critical GitLab vulnerability within the RUBY-SAML and OmniAuth-SAML libraries that allows SAML authentication to be bypassed was disclosed. If you are using GitLab, read this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat? This vulnerability allows...

/ October 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Windows SAC and SmartScreen design flaws

A design flaw within Windows Smart App Control (SAC) and SmartScreen has allowed attackers to launch programs without triggering a security warning. Review this Cybersecurity Threat Advisory to find out how to prevent attackers from exploiting this flaw and keep...

/ August 7, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical GitLab vulnerabilities

GitLab has released multiple security updates that address a total of 14 vulnerabilities. Attackers can exploit one of the vulnerabilities to run pipelines as any user. Read this Cybersecurity Threat Advisory in detail to learn more about how you can...

/ July 2, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fluent Bit critical vulnerability

This Cybersecurity Threat Advisory highlights a critical vulnerability discovered within a popular logging and metrics solution called Fluent Bit. CVE-2024-4323, a new memory corruption vulnerability, has the potential to cause denial of service (DoS), information leakage, and code execution (RCE)....

/ May 22, 2024