Sana Ansari

All posts by Sana Ansari

Sana is a Cybersecurity Analyst at Barracuda MSP. She's a security expert, working on our Blue Team within our Security Operations Center. Sana supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Kemp LoadMaster and VMware vCenter vulnerabilities

Cybersecurity Threat Advisory: Kemp LoadMaster and VMware vCenter vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added critical vulnerabilities in Progress Kemp LoadMaster (CVE-2024-1212) and VMware vCenter Server (CVE-2024-38812, CVE-2024-38813) to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities allow attackers to execute arbitrary commands, gain remote...

/ November 22, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: CRON#TRAP phishing campaign

Cybersecurity Threat Advisory: CRON#TRAP phishing campaign

A new phishing campaign, identified as CRON#TRAP, are targeting Windows systems with a preloaded Linux virtual machine (VM) to evade detection to conduct malicious acts.  Continue reading this Cybersecurity Threat Advisory to learn how to protect against this phishing campaign....

/ November 6, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SonicWall VPN vulnerability

Cybersecurity Threat Advisory: SonicWall VPN vulnerability

Fog and Akira ransomware operators are exploiting a critical SonicWall SSL VPN vulnerability, CVE-2024-40766, to breach corporate networks. Continue reading this Cybersecurity Threat Advisory to learn the tactics these groups are using and how you can reduce the risk of...

/ October 29, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities

Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities

SolarWinds has issued patches to address two vulnerabilities in its Access Rights Manager (ARM) software. Out of the two, one is a critical vulnerability that can lead to remote code execution (RCE). Review the details within this Cybersecurity Threat Advisory...

/ September 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Fake CrowdStrike updates observed in the wild

Cybersecurity Threat Advisory: Fake CrowdStrike updates observed in the wild

Threat actors are exploiting the recent disruption from CrowdStrike’s software update to target companies with a fake update that injects malware, including data wipers and remote access tools. Phishing emails are being used to distribute these malicious programs under the...

/ July 24, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Citrix NetScaler vulnerabilities

Cybersecurity Threat Advisory: Critical Citrix NetScaler vulnerabilities

Citrix has identified two critical vulnerabilities in its NetScaler products, including NetScaler Console, NetScaler SVM, and NetScaler Agent. These vulnerabilities can allow unauthorized access to sensitive data and lead to denial of service (DoS) attacks. Read this Cybersecurity Threat Advisory...

/ July 15, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities

Cybersecurity Threat Advisory: Active exploitation of Microsoft vulnerabilities

This Cybersecurity Threat Advisory highlights a new attack technique exploiting vulnerabilities in Microsoft Management Console (MMC). By creating malicious management saved console (MSC) files that appear legitimate, attackers can bypass traditional security measures and exploit the targeted MMC. Barracuda MSP...

/ June 26, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Black Basta ransomware surge

Cybersecurity Threat Advisory: Black Basta ransomware surge

The Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories in response to the widespread of Black Basta ransomware attacks. Review the recommendations detailed in this Cybersecurity Threat Advisory to defend against ransomware attacks and extortion. What is the threat?...

/ May 16, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical vulnerabilities in Forminator plugin

Cybersecurity Threat Advisory: Critical vulnerabilities in Forminator plugin

Three critical vulnerabilities have been discovered in the Forminator plugin for WordPress, affecting over 300,000 websites. Barracuda MSP advises users to review this Cybersecurity Threat Advisory in detail to learn proper measures for safeguarding your websites. What is the threat?...

/ April 26, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: AWS ‘FlowFixation’ vulnerability

Cybersecurity Threat Advisory: AWS ‘FlowFixation’ vulnerability

The AWS “FlowFixation” vulnerability, while patched in September 2023, may still pose account hijacking risks within its Amazon Managed Workflows Apache Airflow (MWAA) service. Read this Cybersecurity Threat Advisory to learn the impact and security measures to mitigate risks associated...

/ March 28, 2024