Tag: Threat Spotlight
Threat Spotlight: Phishing techniques to look out for in 2025
Over the last few months, Barracuda’s threat analysts have reported on several advanced phishing techniques implemented by attackers to evade security controls and make malicious emails look more convincing, legitimate, and personal. In this blog post, we look at how these and...
Threat Spotlight: Bad bots are evolving to become more ‘human’
The bot landscape is changing. Malicious — or bad bots — are evolving to become more advanced and human-like in their behavior, while an emerging category of AI bots, which we might think of as “grey bots,” is blurring the...
Threat Spotlight: Evolving ‘we know where you live’ tactics personalize sextortion scams
Sextortion scams are a type of extortion where criminals attempt to extort money from victims by threatening to release explicit images or videos unless demands are met. Leveraging usernames and passwords stolen in data breaches, criminals contact victims and claim...
Threat Spotlight: The evolving use of QR codes in phishing attacks
QR code phishing, also known as quishing, is a type of social engineering attack. Cybercriminals try to trick victims into using the camera on their mobile phone to scan a QR code that goes to a malicious website to steal sensitive...
Threat Spotlight: How ransomware for rent rules the threat landscape
This year’s annual review of ransomware attacks looks at the threat from two perspectives. First, for the third year running we’ve taken a global sample of reported ransomware attacks and analyzed what they tell us about ransomware attackers and their...
Threat Spotlight: The remote desktop tools most targeted by attackers in the last year
Remote desktop software allows employees to connect into their computer network without being physically linked to the host device or even in the same location. This makes it a useful tool for a distributed or remote workforce. Unfortunately, remote desktop...
Threat Spotlight: Web apps under active threat from 10-year-old Shellshock bugs and miners
The Shellshock bugs — there are six related CVE designations — have the highest severity rating of 10. They exist in the Unix Bash shell, which is the default command-line interface on all Linux, Unix, and Mac-based operating systems. If...
Threat Spotlight: How attackers are targeting your web applications right now
The number of attacks targeting web applications and application programming interfaces (APIs) has increased significantly. Barracuda mitigated more than 18 billion attacks against applications during 2023, including 1.716 billion in December alone. Web applications are computer programs that are accessed...
Threat Spotlight: Phishing emails using Adobe InDesign on the rise
Barracuda security researchers are warning of a recent surge in phishing attacks leveraging Adobe InDesign, a known and trusted document publishing system. Some of the attacks are targeted. According to Barracuda telemetry, there has been a near 30-fold increase since October in...
Threat Spotlight: How attackers use inbox rules to evade detection after compromise
Automated email inbox rules are a useful and familiar feature of most email clients. They help people manage their inboxes and the daily flood of wanted and unwanted communications by enabling them to move emails to specific folders, forward them...
