Lateral movement: Clearest sign of unfolding ransomware attack

44% of unfolding ransomware attacks were spotted during lateral movement, according to Barracuda Networks. 25% of incidents were detected when the attackers started writing or editing files, and 14% were unmasked by behavior that didn’t fit with known … Continue reading Lateral movement: Clearest sign of unfolding ransomware attack

Threat actors are raising the bar for cyber attacks

From sophisticated nation-state-sponsored intrusions to opportunistic malware campaigns, cyber attacks manifest in various forms, targeting vulnerabilities in networks, applications, and user behavior. The consequences of successful cyber attacks can b… Continue reading Threat actors are raising the bar for cyber attacks

Barracuda Networks and Cork offer cyber warranty services for customers of MSPs

Barracuda Networks is teaming with Cork to offer cyber warranty program created for MSPs to offer to the SMB clients they serve. Barracuda is introducing the Barracuda Cyber Warranty through its relationship with Cork. This is a financial protection pr… Continue reading Barracuda Networks and Cork offer cyber warranty services for customers of MSPs

New persistent backdoor used in attacks on Barracuda ESG appliances

The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracuda… Continue reading New persistent backdoor used in attacks on Barracuda ESG appliances

CISA Order Highlights Persistent Risk at Network Edge

The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances. Continue reading CISA Order Highlights Persistent Risk at Network Edge

Replace Barracuda ESG appliances, company urges

Barracuda Networks is urging customers running phyisical Email Security Gateway (ESG) appliances to replace them immediately, “regardless of patch version level.” Vulnerability identification and disclosure Barracuda has identified a critic… Continue reading Replace Barracuda ESG appliances, company urges

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes. Continue reading Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Attackers hacked Barracuda ESG appliances via zero-day since October 2022

Barracuda says that the recently discovered compromise of some of it clients’ ESG appliances via a zero-day vulnerability (CVE-2023-2868) resulted in the deployment of three types of malware and data exfiltration. The company did not say how many… Continue reading Attackers hacked Barracuda ESG appliances via zero-day since October 2022

Organizations spend 100 hours battling post-delivery email threats

Nearly every victim of a spear-phishing attack in the last 12 months saw impacts on their organization, including malware infections, stolen data, and reputational damage, according to Barracuda Networks. Barracuda Networks research finds 24% of organi… Continue reading Organizations spend 100 hours battling post-delivery email threats

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)

A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned. About CVE-2023-2868 CVE-2023-2868 is a critical remote command injection vulnerability affecti… Continue reading Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)