Stacey Landrum

All posts by Stacey Landrum

Stacey is a Cybersecurity Analyst at Barracuda. She's a security expert, working on our Blue Team within our Security Operations Center. Stacey supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

Cybersecurity Threat Advisory: Cleo file transfer critical vulnerability

A critical vulnerability, identified as CVE-2024-50623, has been discovered in Cleo’s file transfer software suite. This vulnerability allows attackers to exploit an unrestricted file upload and download flaw, potentially leading to remote code execution (RCE) on vulnerable systems. Continue reading...

/ December 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New malware loader – BabbleLoader

Cybersecurity Threat Advisory: New malware loader – BabbleLoader

BabbleLoader is a newly identified malware loader designed for delivering information-stealing payloads such as WhiteSnake and Meduza. It demonstrates sophisticated evasion techniques that challenge both traditional antivirus solutions and modern AI-driven detection systems. Read this Cybersecurity Threat Advisory to learn...

/ November 20, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware critical vulnerability

Cybersecurity Threat Advisory: VMware critical vulnerability

VMware has recently released software updates to address a security flaw believed to have already been patched in vCenter Server. The vulnerability, known as CVE-2024-38812 with a CVSS score of 9.8, is a heap-overflow vulnerability. Continue reading this Cybersecurity Threat...

/ October 26, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Windows Kernel vulnerability used in espionage campaign

Cybersecurity Threat Advisory: Windows Kernel vulnerability used in espionage campaign

Researchers have observed the well-known cyber espionage group OilRig exploiting a now-patched privilege escalation vulnerability (CVE-2024-30088) in the Windows Kernel to conduct espionage operations. Read this Cybersecurity Threat Advisory to learn more about the espionage campaign and how to avoid...

/ October 17, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Apache Avro SDK vulnerability

Cybersecurity Threat Advisory: Apache Avro SDK vulnerability

A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. A successful exploitation allows an attacker to execute arbitrary code on vulnerable instances....

/ October 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploitation of Ivanti CSA vulnerability

Cybersecurity Threat Advisory: Active exploitation of Ivanti CSA vulnerability

A new vulnerability known as CVE-2024-8190 is affecting Ivanti Cloud Services Appliance (CSA) and is being actively exploited. This OS command injection vulnerability allows a remote, authenticated attacker to execute arbitrary commands on the system. Review the details in this...

/ September 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook

Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook

A critical zero-click remote code execution (RCE) vulnerability, identified as CVE-2024-30103, was recently discovered in Microsoft Outlook. This flaw allows malicious actors to execute arbitrary code on a victim’s system simply by opening a specially crafted email. Review the details...

/ August 15, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Veeam Backup vulnerability exploit

Cybersecurity Threat Advisory: Veeam Backup vulnerability exploit

The Veeam Backup & Replication vulnerability, CVE-2023-27532, which was patched in March 2023 is still being exploited. Attackers have managed to exploit unpatched systems to launch ransomware attacks since April 2024. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in...

/ July 17, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Microsoft Outlook client vulnerability

Cybersecurity Threat Advisory: New Microsoft Outlook client vulnerability

A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8. Review this Cybersecurity Threat Advisory to limit the impact this vulnerability may have on your organization. What is the threat? CVE-2024-30103 allows...

/ June 14, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New ShrinkLocker ransomware strains

Cybersecurity Threat Advisory: New ShrinkLocker ransomware strains

ShrinkLocker is a recent ransomware strain that leverages a legitimate Windows encryption feature, BitLocker, to lock victims out of their devices. It shrinks the partition, increasing the impact of the attack. Review this Cybersecurity Threat Advisory in detail to prevent...

/ June 5, 2024