Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: XLoader malware targeting macOS
Today’s Cybersecurity Threat Advisory sheds light on a resurgence of XLoader malware in the wild targeting macOS systems as a disguised “OfficeNote” application. This trojan leverages social engineering tactics to entice users into downloading and executing the malicious app that...
Cybersecurity Threat Advisory: New Microsoft support scam
The latest Cybersecurity Threat Advisory highlights the new false advertisement for Amazon through Google search engine. The advertisement redirects users to a Microsoft Defender support scam that locks up their browser. Barracuda MSP recommends avoiding clicking on any “Sponsored” result...
Cybersecurity Threat Advisory: Global ransomware campaign targeting MSPs
In the latest Cybersecurity Threat Advisory, we discuss The Play Ransomware Group, also known as PlayCrypt, who are currently waging a global cyberattack campaign against multiple managed service providers (MSPs). Their primary targets are midsize businesses in sectors like finance,...
Cybersecurity Threat Advisory: Citrix NetScaler servers actively being exploited
This Cybersecurity Threat Advisory highlights the nearly 2,000 Citrix NetScaler servers have been compromised through a sophisticated hacking campaign. The attackers exploited a critical vulnerability, CVE-2023-3519, to implant web shells on the targeted servers. This poses a severe threat as...
Cybersecurity Threat Advisory: Microsoft .NET vulnerability
This Cybersecurity Threat Advisory highlights a patched security flaw in Microsoft .NET and Visual Studio products that has been cited for active exploitation. To mitigate this vulnerability, users are advised to apply security updates as soon as possible. What is...
Cybersecurity Threat Advisory: Microsoft zero-day exploit
This Cybersecurity Threat Advisory highlights a high-severity Microsoft Office and Windows HTML remote code execution vulnerability, CVE-2023-36884, with a base CVSS score of 8.3 has been discovered. Through this vulnerability attackers can execute arbitrary code on affected systems, leading to...
Cybersecurity Threat Advisory: Atlassian remote code execution (RCE) bugs
This Cybersecurity Threat Advisory highlights RCE vulnerabilities discovered in Atlassian Confluence Data Center & Server and Bamboo. Atlassian has released patches to address these security flaws, which could potentially allow attackers to execute arbitrary code on affected systems. Barracuda MSP...
Cybersecurity Threat Advisory: OpenSSH vulnerability on Linux systems
In this Cybersecurity Threat Advisory, a critical security flaw in OpenSSH, CVE-2023-38408 has been discovered. This vulnerability could potentially lead to remote code execution in OpenSSH’s forwarded SSH agent, affecting Linux systems and posing a significant threat to organizations’ cybersecurity posture....
Cybersecurity Threat Advisory: Zero-day vulnerabilities found in Atera RMM
The latest Cybersecurity Threat Advisory involves two zero-day vulnerabilities that were discovered in Atera RMM Windows installers. These two vulnerabilities are deemed critical and provide privilege escalation capabilities upon a successful exploitation. Barracuda MSP recommends updating to version 1.8.4.9 to...
Critical Adobe ColdFusion vulnerability
The latest cybersecurity threat advisory highlights vulnerabilities affecting Adobe ColdFusion versions 2018, 2021, and 2023, which are actively being exploited by threat actors in the wild. A successful exploitation can lead to arbitrary code execution and security feature bypass. Barracuda...