Cybersecurity Threat Advisory: New malware campaign from Log4j security flaw
The hacker group, known as Lazarus, is linked to a global campaign. It involves an old security flaw found in Log4j to deploy previously unknown remote access trojans (RATs) on compromised hosts. To learn more and limit the impact of...
Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited
Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect...
Cybersecurity Threat Advisory: New vulnerability for Windows users
A new vulnerability has been identified which could compromise the security of Windows users. The vulnerability discussed in this Cybersecurity Threat Advisory, known as “forced authentication,” gives an attacker access to a user’s NT LAN Manager (NTLM) tokens by tricking...
Cybersecurity Threat Advisory: ‘LittleDrifter’ extends its reach
This Cybersecurity Threat Advisory sheds light on a recently discovered USB worm identified as “LittleDrifter” has been attributed to the Russia-linked hacker group known as Gamaredon. The worm has spread beyond its presumed intended target, Ukraine, to other countries including...
Cybersecurity Threat Advisory: Bibi-Windows Wiper on the rise
Israel has recently been the target of cyberattacks involving a wiper malware that was previously observed to target both Linux and Windows systems. The wiper, named “BiBi-Windows Wiper”, has been used by a pro-Hamas hacker group in the wake of...
Cybersecurity Threat Advisory: HelloKitty group targets Apache
This Cybersecurity Threat Advisory discusses a new critical security flaw that was discovered in the Apache ActiveMQ open-source message broker service. This security flaw can potentially result in remote code execution, which is currently being exploited by the HelloKitty ransomware...
Cybersecurity Threat Advisory: Atlassian confluence vulnerability
This Cybersecurity Threat Advisory highlights a new security flaw that has recently been discovered in Atlassian’s Confluence Data Center and Server, which could result in significant data loss if exploited. Tracked as CVE-2023-22518, this vulnerability is rated 9.1 out of...
Cybersecurity Threat Advisory: HTTP/2 vulnerability
Amazon Web Services (AWS), Cloudflare, and Google announced measures to mitigate unprecedented distributed denial-of-service (DDoS) attacks that utilize an innovative HTTP/2 Rapid Reset technique. In this Cybersecurity Threat Advisory, learn the details of this threat, what the risks are, and...
Cybersecurity Threat Advisory: Microsoft Sharepoint Server exploit
A proof-of-concept exploit code has surfaced on GitHub for a crucial authentication bypass vulnerability in Microsoft SharePoint Server. The exploit allows attackers to escalate privileges in Microsoft SharePoint Servers. Barracuda MSP recommends reviewing this Cybersecurity Threat Advisory in detail to...
Cybersecurity Threat Advisory: New Cisco vulnerabilities discovered
Cisco is warning of five new Catalyst SD-WAN Manager product vulnerabilities. The most critical vulnerability allows unauthorized remote access to the server. Multiple vulnerabilities were discovered in SD-WAN Manager that allows an attacker to access the compromised instance or cause...
