Zero-day exploited to breach Barracuda email gateways

SC StaffMay 26, 2023

BleepingComputer reports that some Barracuda Email Security Gateway instances have been compromised in attacks exploiting a zero-day vulnerability, which has already been patched in security updates issued over the weekend. No other Barracuda products have been impacted by the security flaw, according to Barracuda Networks, which has already informed users whose appliances may have been breached. Organizations using Barracuda ESG have been urged to conduct a review of their environments to ensure the safety of other network devices. "If a customer has not received notice from us via the ESG user interface, we have no reason to believe their environment has been impacted at this time and there are no actions for the customer to take," said Barracuda. Meanwhile, fixes have also been issued by Barracuda for a login issue and a faulty spam scoring logic in its Email Gateway Defense appliances.

SC Staff

Phishing

Massive phishing campaigns facilitated by Telekopye bot

SC StaffNovember 27, 2023

Wide-reaching phishing scams have been conducted by the Neanderthals threat operation using the malicious Telegram bot dubbed "Telekopye," reports The Hacker News.

Threat Intelligence

Malware superseded as leading cyber threat faced by SMBs

SC StaffNovember 22, 2023

Malware-free intrusions have become the leading cybersecurity threat against small- to medium-sized businesses, accounting for 56% of all cyber incidents during the third quarter, SiliconAngle reports.

Email security

High-severity Microsoft Exchange flaws downplayed

SC StaffNovember 7, 2023

Four high-severity Microsoft Exchange flaws reported by Trend Micro's Zero Day Initiative were noted by Microsoft to have been addressed or not need immediate servicing as required authentication would significantly reduce their odds of being exploited, SecurityWeek reports.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news