Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Command injection flaw in Zyxel NAS devices
Zyxel, a networking equipment manufacturer, has released urgent security updates to address critical vulnerabilities in their network-attached storage devices. CVE-2023-27992 (CVSS score: 9.8) has been declared as a pre-authentication command injection vulnerability. What is the threat? The threat involves multiple vulnerabilities...
Cybersecurity Threat Advisory: New custom malware discovered
Researchers have uncovered a year-long, highly targeted cyber-attack utilizing custom malware called RDStealer. The bespoke malware campaign against an East Asian IT company has been active for more than a year with the intent to compromise credentials and exfiltrating data....
Cybersecurity Threat Advisory: Critical vulnerabilities with ASUS routers
ASUS recently released critical security updates for several vulnerabilities across multiple router models. Two out of the nine vulnerabilities are categorized as Critical, including an out-of-bounds write vulnerability and a memory corruption flaw. Barracuda SOC recommends applying the latest security...
Cybersecurity Threat Advisory: New remote control escalation vulnerability – updated
Fortinet recently released updates for several products utilizing SSL-VPN functionalities after discovering a critical vulnerability. The major flaw discovered gives the ability to an attacker to perform an unauthenticated remote code execution on devices. Barracuda SOC recommends updating Fortinet products...
Cybersecurity Threat Advisory: “File Archiver in the Browser” exploits
A new skilled and clever “File Archiver in the Browser” phishing trick that utilizes ZIP domains has surfaced. Bad actors can employ this technique to deceive users into downloading malicious files, compromise systems, and potentially gaining unauthorized access. What is...
Cybersecurity Threat Advisory: Critical MOVEit transfer vulnerability
A critical vulnerability has been discovered in MOVEit Transfer, a commonly used managed file transfer (MFT) solution developed by Progress Software. This vulnerability allows remote attackers to execute arbitrary code on affected systems. The vulnerability is actively exploited in the...
Cybersecurity Threat Advisory: AWS exploited for crypto mining operation
Indonesian cybercriminals are exploiting Amazon Web Services (AWS) instances to carry out illicit crypto mining activities. The GUI-vil group has been identified as the threat actors on this exploit. What is the threat? GUI-vil, a financially motivated threat actor, leverages...
Cybersecurity Threat Advisory: Three Apple zero-day vulnerabilities
Apple released security updates to address three new zero-day vulnerabilities being exploited in the wild. These vulnerabilities are associated with WebKit and covers different intrusion methods. Barracuda MSP recommends applying the latest security updates from Apple to resolve these vulnerabilities....
Cybersecurity Threat Advisory: Cisco Small Business Switches remote attack vulnerabilities
Multiple vulnerabilities have been discovered in Cisco Small Business routers, allowing bad actors to remotely execute arbitrary code with root privileges on an affected device and cause a denial of service (DoS) condition. These vulnerabilities are due to improper validation of requests...
Cybersecurity Threat Advisory: Critical PaperCut vulnerability actively exploited
A new vulnerability, CVE-2023-27350, has been discovered which affects PaperCut MF and NG print management software. Successful exploitation of the vulnerability would allow attackers to access sensitive user information (usernames, email addresses, office/department information, and card numbers) without authentication. A...
