Devyn Souza

All posts by Devyn Souza

Devyn is a Cybersecurity Analyst at Barracuda. He's a security expert, working on our Blue Team within our Security Operations Center. Devyn supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New critical GitLab SAML vulnerability

Cybersecurity Threat Advisory: New critical GitLab SAML vulnerability

A new critical GitLab vulnerability within RUBY-SAML and OmniAuth-SAML libraries to bypass SAML authentication was disclosed. If you are using GitLab, read this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat? This vulnerability allows...

/ October 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Windows SAC and SmartScreen design flaws

Cybersecurity Threat Advisory: Windows SAC and SmartScreen design flaws

A design flaw within Windows Smart App Control (SAC) and SmartScreen has allowed attackers to launch programs without triggering a security warning. Review this Cybersecurity Threat Advisory to find out how to prevent attackers from exploiting this flaw and keep...

/ August 7, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical GitLab vulnerabilities

Cybersecurity Threat Advisory: Critical GitLab vulnerabilities

GitLab has released multiple security updates that address a total of 14 vulnerabilities. Attackers can exploit one of the vulnerabilities to run pipelines as any user. Read this Cybersecurity Threat Advisory in detail to learn more about how you can...

/ July 2, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fluent Bit critical vulnerability

Cybersecurity Threat Advisory: Fluent Bit critical vulnerability

This Cybersecurity Threat Advisory highlights a critical vulnerability discovered within a popular logging and metric solution called Fluent Bit. CVE-2024-4323, a new memory corruption vulnerability, has the potential to cause denial of service (DOS), information leakage, and code execution (RCE)....

/ May 22, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: XZ Utils supply chain vulnerability

Cybersecurity Threat Advisory: XZ Utils supply chain vulnerability

A supply chain vulnerability was found in XZ Utils that creates a backdoor into OpenSSH and can lead to remote code execution (RCE). Read this Cybersecurity Threat Advisory to learn about this supply chain vulnerability and how to reduce your...

/ April 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: TeamCity’s server vulnerabilities

Cybersecurity Threat Advisory: TeamCity’s server vulnerabilities

This Cybersecurity Threat Advisory highlights JetBrains’ TeamCity vulnerabilities found in the CI/CD Server. One vulnerability allows unauthenticated access to an instance while the other allows for unauthenticated information disclosure and modification. What is the threat? A critical-severity authentication bypass vulnerability...

/ March 9, 2024