Results for: ransomware
Email breach delays can multiply ransomware risk eight-fold
Email breaches affect almost all organizations. The new Email Security Breach Report 2025 reveals the worrying fact that 78 percent of organizations experienced an email breach in the last year. Only half of them detected the breach within an hour....
Cybersecurity Threat Advisory: SonicWall VPNs targeted by Akira ransomware
Akira ransomware operators have launched an aggressive campaign targeting SonicWall VPN appliances. Attackers have already breached accounts protected by multi-factor authentication (MFA) successfully, leveraging vulnerabilities in SonicWall Secure Mobile Access (SMA) and SSL-VPN portals. The campaign is characterized by rapid...
Why ransomware attackers keep coming back for more
Ransomware is an escalating threat, powered by its ability to evolve and adapt to a changing security landscape. Organizations around the world continue to fall victim to ransomware, often repeatedly, and the impact of these attacks can be devastating. We...
Cybersecurity Threat Advisory: SonicWall SSL VPN targeted by Akira ransomware – updated
Update: This post was updated on August 7, 2025, to reflect corrected information regarding this threat. An Akira ransomware campaign is specifically targeting SonicWall SSL VPN devices. Attackers are actively exploiting these vulnerabilities to gain unauthorized access to corporate networks....
Cybersecurity Threat Advisory: Critical Fortinet vulnerability exploited by Qilin ransomware
The Qilin ransomware group is exploiting two critical Fortinet vulnerabilities that allow attackers to bypass authentication and execute remote code on vulnerable systems. Read this Cybersecurity Threat Advisory to discover the tactics used and the best practices you can implement...
The SOC case files: Ransomware gang reemerges to face a wall of XDR defenses
Dive into this edition of ‘The SOC case files’ to see how the Barracuda’s Managed XDR team recently contained a suspected ransomware attack after the attackers gained access to a company’s network before it installed Managed XDR, compromising several Windows...
Cybersecurity Threat Advisory: BYOVD attacks leveraged by Medusa ransomware
The Medusa ransomware-as-a-service (RaaS) operation has recently been observed using a malicious driver named ABYSSWORKER in Bring Your Own Vulnerable Driver (BYOVD) attacks. This technique allows threat actors to disable security software by exploiting legitimate, vulnerable drivers to gain kernel-level...
Medusa ransomware and its cybercrime ecosystem
Greek mythology says the Medusa was once a beautiful woman until Athena’s curse transformed her into a winged creature with a head full of snakes. Because of her power to petrify anyone who looked directly upon her face, she is...
XDR roundup 2024: Ransomware rises fourfold in a year of complex threats
In 2024, Barracuda Managed XDR logged many trillions of IT events to identify the critical security threats targeting organizations and neutralize malicious activity. Threat analysts in Barracuda Managed XDR’s Security Operations Center (SOC) have drawn on this unique dataset to highlight the...
The SOC case files: XDR detects Akira ransomware exploiting a ‘ghost’ account
This edition of the SOC case files showcases how Barracuda Managed XDR detects a breach via a ‘ghost’ account and an unprotected server. The SOC is part of Barracuda Managed XDR, an extended visibility, detection, and response (XDR) service that...
