Cybersecurity Threat Advisory: New custom malware discovered
Researchers have uncovered a year-long, highly targeted cyber-attack utilizing custom malware called RDStealer. The bespoke malware campaign against an East Asian IT company has been active for more than a year with the intent to compromise credentials and exfiltrating data....
Cybersecurity Threat Advisory: AWS exploited for crypto mining operation
Indonesian cybercriminals are exploiting Amazon Web Services (AWS) instances to carry out illicit crypto mining activities. The GUI-vil group has been identified as the threat actors on this exploit. What is the threat? GUI-vil, a financially motivated threat actor, leverages...
Cybersecurity Threat Advisory: New QBot malware delivering campaigns discovered
A new QBot malware campaign has been discovered. Using hijacked business emails, bad actors are distributing PDF and WSF file formats in reply-chain phishing emails to distribute malware. The campaign is designed to steal sensitive data from the target system,...
Cybersecurity Threat Advisory: Malicious packages found in Python Package Index (PyPI)
New malicious packages were discovered on the Python Package Index (PyPI) that can steal passwords, authentication cookies, and cryptocurrency wallets from developers.
Cybersecurity Threat Advisory: OneNote malware delivery
Multiple threat actors are now using OneNote documents to deliver malware. In the last month alone, over 50 OneNote campaigns delivering different malware payloads through email attachments have been observed.
Cybersecurity Threat Advisory: NortonLifeLock compromised
Recently, thousands of NortonLifeLock customers had their accounts compromised, potentially allowing malicious actors to access user password managers. Gen Digital, Norton LifeLock’s parent company, has sent notices to over 6,000 customers whose accounts were compromised.
Cybersecurity Threat Advisory: Linux Kernel Vulnerability
The Zero Day Initiative (ZDI) has disclosed a new Linux Kernel Vulnerability that could lead to code execution in the context of the kernel. The security flaw is a bug in the new Linux 5.15 SMB3 server, ksmbd. The ZDI...
Cybersecurity Threat Advisory: Best practices for the holiday season
Barracuda MSP would like to wish everyone a happy holiday season! As organizations around the world are getting ready for some well-deserved time off, hackers are ramping up their infiltration efforts. Threat intel data indicates we will experience a sizable...
Cybersecurity Threat Advisory: Citrix Zero-Day Vulnerability
Today, Citrix has released a critical security update to address a zero-day vulnerability. Upon a successful exploitation, an unauthenticated remote attacker could perform code execution leading to system takeover. Both Citrix and the NSA stated they are aware of targeted...
Cybersecurity Threat Advisory: New FortiOS patches available
Today, Fortinet disclosed information regarding a vulnerability that allows a remote attacker to execute code without authentication. The vulnerability, tracked as CVE-2022-42475, has a severity score of 9.3. Fortinet mentioned that they are aware of an instance where it has...
