Laila Mubashar

All posts by Laila Mubashar

Laila is a Cybersecurity Analyst at Barracuda MSP. She's a security expert, working on our Blue Team within our Security Operations Center. Laila supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Oracle WebLogic Server vulnerability

Cybersecurity Threat Advisory: Oracle WebLogic Server vulnerability

There has been active exploitation of a critical operating system (OS) command injection vulnerability, known as CVE-2017-3506, found in the Oracle WebLogic Server. The impact can be severe, ranging from financial loss to reputational damage. Review this Cybersecurity Threat Advisory...

/ June 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical flaws discovered in Cacti framework

Cybersecurity Threat Advisory: Critical flaws discovered in Cacti framework

This Cybersecurity Threat Advisory breaks down multiple critical vulnerabilities in the Cacti framework, an open-source network monitoring and fault management tool. Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code and compromise network infrastructure. Continue reading this...

/ May 15, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical GitLab bug

Cybersecurity Threat Advisory: Critical GitLab bug

A critical vulnerability in GitLab, labelled CVE-2023-7028, is under active attack by threat actors to achieve account takeover, as reported by the Cybersecurity and Infrastructure Security Agency (CISA). Barracuda MSP recommends GitLab users review this Cybersecurity Threat Advisory now to...

/ May 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New vulnerability in Apple M-chip

Cybersecurity Threat Advisory: New vulnerability in Apple M-chip

A new security exploit, GoFetch, was found in Apple’s M-chip architecture. It takes advantage of data memory-dependent prefetchers (DMPs) and could use the device as a new attack vector. Continue reading this Cybersecurity Threat Advisory to learn how you can...

/ March 27, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Fortinet vulnerability

Cybersecurity Threat Advisory: Critical Fortinet vulnerability

A critical vulnerability is affecting many Fortinet devices. Approximately 150,000 Fortinet OS and FortiProxy Secure Web Gateway systems are believed to be exposed to this flaw. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate the potential...

/ March 14, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Ivanti vulnerability

Cybersecurity Threat Advisory: New Ivanti vulnerability

Ivanti has warned customers of a new security flaw that could allow attackers to bypass authentication. The vulnerability, CVE-2024-22024, has received a CVSS score of 8.3. Read this Cybersecurity Threat Advisory to learn the significant risk this threat poses to...

/ February 14, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Patches for critical vulnerabilities

Cybersecurity Threat Advisory: Patches for critical vulnerabilities

Security patches were recently released from various vendors including Cisco, Fortinet, and VMware. Read this Cybersecurity Threat Advisory as it shares the impact of each of the vulnerabilities and how to mitigate the risks they pose. What is the threat?...

/ February 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: NTLM password hash leaks

Cybersecurity Threat Advisory: NTLM password hash leaks

This Cybersecurity Threat Advisory highlights a new Microsoft vulnerability that attackers are actively exploiting to steal NTLM (NT LAN Manager) hashes. Read the full article to learn the severity of the threat and recommendations to mitigate the organization’s risks. What...

/ January 24, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: End-of-Life firewalls actively exploited

Cybersecurity Threat Advisory: End-of-Life firewalls actively exploited

Sophos recently addressed a critical vulnerability CVE-2022-3236 involving end-of-life (EOL) firewalls that had been actively exploited. The vulnerability prompted Sophos to release patches for unsupported firewalls after reports of successful attacks on these systems surfaced. Read this Cybersecurity Threat Advisory...

/ December 15, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Urgent Veeam ONE vulnerabilities

Cybersecurity Threat Advisory: Urgent Veeam ONE vulnerabilities

Several serious security flaws have been found in the Veeam ONE platform for analytics and IT infrastructure monitoring. These vulnerabilities may result in data breaches, illegal access, and NTLM hash theft. To fix these problems, Veeam has published security patches...

/ November 8, 2023