Tag: threat
Voice cloning – a growing cybersecurity threat
Just when you think you’re reasonably on top of all the cyberthreats out there, new ones emerge. Say hello to voice cloning. Or don’t say hello to it because you don’t want a scammer to have your voice. Voice cloning made...
Threat Spotlight: 3 novel phishing tactics
As cybercriminals work to make phishing attacks more effective, they are continually introducing new techniques and tactics to try to trick victims, bypass security, and avoid detection.
Cybersecurity Threat Advisory: Best practices for the holiday season
Barracuda MSP would like to wish everyone a happy holiday season! As organizations around the world are getting ready for some well-deserved time off, hackers are ramping up their infiltration efforts. Threat intel data indicates we will experience a sizable...
Beware of growing software supply chain attacks
Software supply chain attacks have been increasingly bedeviling the IT space. Recent statistics bear out the dangers of these attacks. According to a study by Israel-based Argon security: Supply chain attacks grew by more than 300 percent in 2021 over...
Cybersecurity Threat Advisory: Google zero-day vulnerability
Google has released a new patch for Google Chrome to address critical vulnerabilities in V8, WebRTC, and Chrome OS Shell components. If exploited, the vulnerabilities will allow malicious actors to perform memory corruption and privilege escalation. Barracuda MSP recommends applying...
Cybersecurity Threat Advisory: New Microsoft Azure vulnerability
Researchers at Point 42 discovered a flaw in Microsoft Azure’s Fabric, dubbed ‘FabricScape’, propagating the ongoing series of vulnerabilities that the platform has been facing. This vulnerability allows bad actors using Linux to escalate their own privileges to the extent...
Cybersecurity Threat Advisory: Mitel VoIP vulnerability
A known remote code execution vulnerability, CVE-2022-29499, was discovered with the Linux-based Mitel VoIP (Voice over Internet Protocol) application. Once exploited, this vulnerability allows a threat actor to gain root privileges to the system and plant ransomware. Barracuda MSP recommends...
Cybersecurity Threat Advisory: Apple Safari arbitrary code execution vulnerability
Apple has had an existing arbitrary code execution vulnerability in their MacOS, iOS, iPadOS, and Safari in their past 3 zero-days known as CVE-2022-22620. Google and Barracuda MSP researchers are making sure users don’t forget this. The vulnerability could allow...
Cybersecurity Threat Advisory: FastJson versions vulnerable to deserialization
A new version of FastJson has been released and has patched a vulnerability which allows malicious actors to utilize “AutoTypeCheck” mechanism and achieve remote code execution in FastJson. All Java applications that pass user-controlled data to either the JSON.parse or...
Cybersecurity Threat Advisory: A Microsoft Azure Synapse vulnerability uncovered
Security researchers at Orca uncovered a vulnerability in Microsoft Azure Synapse, dubbed SynLapse. This vulnerability lies in the ODBC or Online Database Connectivity method employed by Synapse. Once a bad actor gains access through this vulnerability, they can gain access...
