Tag: Threat Spotlight
Threat Spotlight: Web apps under active threat from 10-year-old Shellshock bugs and miners
The Shellshock bugs — there are six related CVE designations — have the highest severity rating of 10. They exist in the Unix Bash shell, which is the default command-line interface on all Linux, Unix, and Mac-based operating systems. If...
Threat Spotlight: How attackers are targeting your web applications right now
The number of attacks targeting web applications and application programming interfaces (APIs) has increased significantly. Barracuda mitigated more than 18 billion attacks against applications during 2023, including 1.716 billion in December alone. Web applications are computer programs that are accessed...
Threat Spotlight: Phishing emails using Adobe InDesign on the rise
Barracuda security researchers are warning of a recent surge in phishing attacks leveraging Adobe InDesign, a known and trusted document publishing system. Some of the attacks are targeted. According to Barracuda telemetry, there has been a near 30-fold increase since October in...
Threat Spotlight: How attackers use inbox rules to evade detection after compromise
Automated email inbox rules are a useful and familiar feature of most email clients. They help people manage their inboxes and the daily flood of wanted and unwanted communications by enabling them to move emails to specific folders, forward them...
Barracuda XDR Insights: How AI learns your patterns to protect you
In the first half of 2023, Barracuda Managed XDR collected almost a trillion customer IT events, among which it detected and neutralized thousands of high-risk incidents. During those six months, the most widely encountered high-risk incidents — threats that require...
Threat Spotlight: Reported ransomware attacks double as AI tactics take hold
In 2023, artificial intelligence and generative AI have dominated headlines, and their impact is starting to make its mark on ransomware attacks ― for example with AI-enhanced phishing attacks to gain access to target networks and AI-powered automation for greater reach. Over...
Threat Spotlight: Extortion attacks
Extortion attacks, which are an increasingly common form of email scams, threaten the victim with compromising information, such as an embarrassing photo, and request payment in a cryptocurrency to prevent the information from being released. Attackers often purchase victims’ login...
Threat Spotlight: Attackers use 15-year-old tactics to target security flaws
Attackers are quick to exploit new opportunities for attack. The reporting of the Log4J bug in December 2021, for example, is believed to have led to a 150% increase in exploit activity the following year. However, an analysis of Barracuda’s threat detection...
Threat Spotlight: Proportion of malicious HTML attachments doubles within a year
The security industry has been highlighting the cybercriminal misuse of HTML for years — and evidence suggests it remains a successful and popular attack tool. Last year we reported that around one-in-five (21%) of all HTML attachments scanned by Barracuda in May...
Email threat types: Malware
Email attacks often come in the form of a harmless-looking email with malware attached as a .zip file or embedded in an email attachment. This malware could install ransomware, spyware, and other damaging programs. Malware is short for ‘malicious software’ and...
