Vincent Yu

All posts by Vincent Yu

Vincent is a Cybersecurity Analyst at Barracuda MSP. He's a security expert, working on our Blue Team within our Security Operations Center. Vincent supports our XDR service delivery and is highly skilled at analyzing security events to detect cyber threats, helping keep our partners and their customers protected.

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cicada3301 ransomware variant

Cybersecurity Threat Advisory: Cicada3301 ransomware variant

A new ransomware variant has been found, known as Cicada3301. It exhibits similarities to the defunct BlackCat (ALPHV) operation, and it targets both Windows and Linux systems. Review the details in this Cybersecurity Threat Advisory to learn how this variant...

/ September 6, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware ESXi vulnerability exploited by BlackByte ransomware

Cybersecurity Threat Advisory: VMware ESXi vulnerability exploited by BlackByte ransomware

BlackByte ransomware group is actively exploiting CVE-2024-37085, a recently patched authentication bypass vulnerability in VMware ESXi hypervisors. The exploitation of this flaw has led to the deployment of ransomware across victim networks. BlackByte ransomware group has marked it as a...

/ September 3, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited Jenkins vulnerability

Cybersecurity Threat Advisory: Exploited Jenkins vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability found in Jenkins, identified as CVE-2024-23897 with a CVSS score of 9.8, to its Known Exploited Vulnerabilities (KEV) catalogue. This vulnerability is a path traversal flaw within the...

/ August 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: EDRKillShifter, a growing threat

Cybersecurity Threat Advisory: EDRKillShifter, a growing threat

A cybercrime group associated with the RansomHub ransomware has been observed using a newly developed tool named “EDRKillShifter” to disable endpoint detection and response (EDR) software on compromised systems. This tool is the latest in a growing list of EDR-killing...

/ August 17, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Cisco Smart Install vulnerability

Cybersecurity Threat Advisory: Cisco Smart Install vulnerability

There has been a surge in malicious cyber activities exploiting the Cisco Smart Install (SMI) legacy feature. This legacy feature if enabled by default on many Cisco devices, allowing threat actors to gain unauthorized access to network devices, allowing them...

/ August 13, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Cisco vulnerability

Cybersecurity Threat Advisory: Critical Cisco vulnerability

Cisco has disclosed a critical vulnerability, CVE-2024-20419, that affects the Smart Software Manager On-Prem (SSM On-Prem). Successful exploitation of this flaw allows unauthenticated remote threat actors to change administrative passwords. Review the details in this Cybersecurity Threat Advisory to mitigate...

/ July 19, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: MOVEit Transfer vulnerability exploit

Cybersecurity Threat Advisory: MOVEit Transfer vulnerability exploit

Progress Software has released a patch for a high-severity vulnerability in MOVEit Transfer, identified as CVE-2024-5806. This vulnerability is currently under active attack and allows attackers to bypass authentication mechanisms. Organizations using MOVEit Transfer should review this Cybersecurity Threat Advisory...

/ June 28, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware privilege escalation vulnerabilities

Cybersecurity Threat Advisory: VMware privilege escalation vulnerabilities

VMware has released patches to address critical vulnerabilities impacting Cloud Foundation, vCenter Server, and vSphere ESXi, which could be exploited to achieve privilege escalation and remote code execution. The flaws, identified as CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, have high CVSS scores....

/ June 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Foxit PDF Reader vulnerability

Cybersecurity Threat Advisory: Foxit PDF Reader vulnerability

A critical Foxit PDF Reader vulnerability are generating unusual pattern of behaviors. This exploit triggers security warnings designed to deceive users to execute harmful commands. Read this Cybersecurity Threat Advisory to learn recommendations to minimize your risks. What is the...

/ May 23, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: R programming vulnerability

Cybersecurity Threat Advisory: R programming vulnerability

A critical security flaw known as CVE-2024-27322 with a CVSS score of 8.8, has been discovered within the R programming language. Attackers can craft malicious RDS files or R packages that embed arbitrary R code. Barracuda MSP recommends reading this...

/ May 2, 2024