Tag: Threat Spotlight
Threat Spotlight: Web apps under active threat from 10-year-old Shellshock bugs and miners
The Shellshock bugs — there are six related CVE designations — have the highest severity rating of 10. They exist in the Unix Bash shell, which is the default command-line interface on all Linux, Unix, and Mac-based operating systems. If...
Threat Spotlight: Phishing emails using Adobe InDesign on the rise
Barracuda security researchers are warning of a recent surge in phishing attacks leveraging Adobe InDesign, a known and trusted document publishing system. Some of the attacks are targeted. According to Barracuda telemetry, there has been a near 30-fold increase since October in...
Threat Spotlight: How attackers use inbox rules to evade detection after compromise
Automated email inbox rules are a useful and familiar feature of most email clients. They help people manage their inboxes and the daily flood of wanted and unwanted communications by enabling them to move emails to specific folders, forward them...
Threat Spotlight: Attackers use 15-year-old tactics to target security flaws
Attackers are quick to exploit new opportunities for attack. The reporting of the Log4J bug in December 2021, for example, is believed to have led to a 150% increase in exploit activity the following year. However, an analysis of Barracuda’s threat detection...
Threat Spotlight: Proportion of malicious HTML attachments doubles within a year
The security industry has been highlighting the cybercriminal misuse of HTML for years — and evidence suggests it remains a successful and popular attack tool. Last year we reported that around one-in-five (21%) of all HTML attachments scanned by Barracuda in May...
Email threat types: Malware
Email attacks often come in the form of a harmless-looking email with malware attached as a .zip file or embedded in an email attachment. This malware could install ransomware, spyware, and other damaging programs. Malware is short for ‘malicious software’ and...