Laila Mubashar

All posts by Laila Mubashar

Laila is a Cybersecurity Analyst at Barracuda MSP. She's a security expert, working on our Blue Team within our Security Operations Center. Laila supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New vulnerability in Apple M-chip

Cybersecurity Threat Advisory: New vulnerability in Apple M-chip

A new security exploit, GoFetch, was found in Apple’s M-chip architecture. It takes advantage of data memory-dependent prefetchers (DMPs) and could use the device as a new attack vector. Continue reading this Cybersecurity Threat Advisory to learn how you can...

/ March 27, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Fortinet vulnerability

Cybersecurity Threat Advisory: Critical Fortinet vulnerability

A critical vulnerability is affecting many Fortinet devices. Approximately 150,000 Fortinet OS and FortiProxy Secure Web Gateway systems are believed to be exposed to this flaw. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate the potential...

/ March 14, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Ivanti vulnerability

Cybersecurity Threat Advisory: New Ivanti vulnerability

Ivanti has warned customers of a new security flaw that could allow attackers to bypass authentication. The vulnerability, CVE-2024-22024, has received a CVSS score of 8.3. Read this Cybersecurity Threat Advisory to learn the significant risk this threat poses to...

/ February 14, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Patches for critical vulnerabilities

Cybersecurity Threat Advisory: Patches for critical vulnerabilities

Security patches were recently released from various vendors including Cisco, Fortinet, and VMware. Read this Cybersecurity Threat Advisory as it shares the impact of each of the vulnerabilities and how to mitigate the risks they pose. What is the threat?...

/ February 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: NTLM password hash leaks

Cybersecurity Threat Advisory: NTLM password hash leaks

This Cybersecurity Threat Advisory highlights a new Microsoft vulnerability that attackers are actively exploiting to steal NTLM (NT LAN Manager) hashes. Read the full article to learn the severity of the threat and recommendations to mitigate the organization’s risks. What...

/ January 24, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: End-of-Life firewalls actively exploited

Cybersecurity Threat Advisory: End-of-Life firewalls actively exploited

Sophos recently addressed a critical vulnerability CVE-2022-3236 involving end-of-life (EOL) firewalls that had been actively exploited. The vulnerability prompted Sophos to release patches for unsupported firewalls after reports of successful attacks on these systems surfaced. Read this Cybersecurity Threat Advisory...

/ December 15, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Urgent Veeam ONE vulnerabilities

Cybersecurity Threat Advisory: Urgent Veeam ONE vulnerabilities

Several serious security flaws have been found in the Veeam ONE platform for analytics and IT infrastructure monitoring. These vulnerabilities may result in data breaches, illegal access, and NTLM hash theft. To fix these problems, Veeam has published security patches...

/ November 8, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Atlassian remote code execution (RCE) bugs

Cybersecurity Threat Advisory: Atlassian remote code execution (RCE) bugs

This Cybersecurity Threat Advisory highlights RCE vulnerabilities discovered in Atlassian Confluence Data Center & Server and Bamboo. Atlassian has released patches to address these security flaws, which could potentially allow attackers to execute arbitrary code on affected systems. Barracuda MSP...

/ July 26, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Command injection flaw in Zyxel NAS devices

Cybersecurity Threat Advisory: Command injection flaw in Zyxel NAS devices

Zyxel, a networking equipment manufacturer, has released urgent security updates to address critical vulnerabilities in their network-attached storage devices. CVE-2023-27992 (CVSS score: 9.8) has been declared as a pre-authentication command injection vulnerability. What is the threat? The threat involves multiple vulnerabilities...

/ June 26, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: “File Archiver in the Browser” exploits

Cybersecurity Threat Advisory: “File Archiver in the Browser” exploits

A new skilled and clever “File Archiver in the Browser” phishing trick that utilizes ZIP domains has surfaced. Bad actors can employ this technique to deceive users into downloading malicious files, compromise systems, and potentially gaining unauthorized access. What is...

/ June 7, 2023