Stacey Landrum

All posts by Stacey Landrum

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New Microsoft Outlook client vulnerability

Cybersecurity Threat Advisory: New Microsoft Outlook client vulnerability

A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8. Review this Cybersecurity Threat Advisory to limit the impact this vulnerability may have on your organization. What is the threat? CVE-2024-30103 allows...

/ June 14, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New ShrinkLocker ransomware strains

Cybersecurity Threat Advisory: New ShrinkLocker ransomware strains

ShrinkLocker is a recent ransomware strain that leverages a legitimate Windows encryption feature, BitLocker, to lock victims out of their devices. It shrinks the partition, increasing the impact of the attack. Review this Cybersecurity Threat Advisory in detail to prevent...

/ June 5, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: F5 BIG-IP Next Central Manager vulnerabilities

Cybersecurity Threat Advisory: F5 BIG-IP Next Central Manager vulnerabilities

Two high-severity vulnerabilities were discovered in the F5 BIG-IP Next Central Manager API allowing attackers to gain full administrative control and create hidden, persistent backdoors on managed devices. Barracuda MSP recommends reading this Cybersecurity Threat Advisory to learn which steps...

/ May 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: RCE vulnerabilities in HPE Aruba Networking devices

Cybersecurity Threat Advisory: RCE vulnerabilities in HPE Aruba Networking devices

HPE Aruba Networking has disclosed that critical remote code execution (RCE) vulnerabilities are impacting multiple versions of ArubaOS. Out of the ten vulnerabilities found, four pose critical risks of unauthenticated buffer overflows in various services. Read this Cybersecurity Threat Advisory...

/ May 8, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Active exploit of Atlassian Confluence

Cybersecurity Threat Advisory: Active exploit of Atlassian Confluence

This Cybersecurity Threat Advisory details the exploitation of the critical vulnerability CVE-2023-22518 in the Atlassian Confluence Data Center and Server. Attackers are deploying a Linux variant of Cerber (aka C3RB3R) ransomware. This allows unauthenticated attackers to reset Confluence and create...

/ April 18, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability

Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability

A critical vulnerability (CVE-2024-1403) affecting Progress Software OpenEdge Authentication Gateway and AdminServer impacts versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0. The vulnerability allows unauthorized access due to manipulation of username and password combinations during the authentication process. Review...

/ March 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: AnyDesk production system breach

Cybersecurity Threat Advisory: AnyDesk production system breach

AnyDesk confirmed that a cyberattack on their production systems has taken place. This has caused AnyDesk users to become vulnerable to data breaches, phishing attacks, and malware. Barracuda MSP recommends updating to the latest version of Windows (8.0.8) immediately and...

/ February 5, 2024