Latest Threats
Barracuda Research delivers actionable insights from trillions of IT events, AI-powered threat detection and real-world security incidents. Our advanced threat intelligence empowers IT security professionals with the knowledge to identify emerging threats, recognize the warning signs and implement effective protection strategies for their businesses.
Latest Email Threat Tactics
- Phishing gangs abuse Microsoft OAuth for stealthy access
+ Scammers abusing serverless computing platforms, website creation and productivity tools to host phishing
+ Threat Spotlight: Split and nested QR codes fuel new generation of ‘quishing’ attacks
Attackers are using advanced techniques to evade detection and steal login credentials.
See the details and the action to take to protect against the attacks:
Latest Threats Targeting Organizations
- Cybersecurity Threat Advisory: SonicWall SSL VPN targeted by Akira ransomware
+ A rise in attacks targeting bugs in FortiGate Firewall VPN services
+ A rise in attempted data exfiltration
Real World Incidents and Trends
- Akira ransomware turns victim’s remote management tool on itself
+ XDR contains attacks leveraging ScreenConnect
Barracuda Managed XDR and the SOC team recently helped two companies mitigate incidents where attackers compromised computers and installed ScreenConnect remote management software.
At one company, there were signs of data exfiltration linked to a convoluted series of malicious downloads. At the other company, there was evidence of malicious scripts and persistence techniques.
+ Beware: Scheduled tasks can be a security red flag
Ransomware attackers often use scheduled tasks to automate different stages of the attack, maximizing the impact of the attack while reducing the chances of detection. Attackers create scheduled tasks for several reasons, including:
- To release the ransomware payload at a specific time
- To maintain access to the network, by scheduling tasks to rerun malware at intervals, even if it is detected and removed
- To help with stealthy data exfiltration, by collecting and removing information at intervals
- To turn off antivirus software, firewall protections or system recovery tools, making it harder for the security team to remediate or recover from the incident
- To distribute ransomware to connected devices across the network
- To delete traces of attack activity after encryption, making it harder for security teams to investigate how the attack unfolded
“Threat actors are manipulating AI assistants and tampering with AI security features to steal information. Security must include intelligent detection, adaptive automation and human-centric design.”
Ashok Sakthivel
Director – Engineering, Email Protection
Threat Spotlight: How attackers poison AI tools and defenses
“SharePoint and other tools are part of the critical attack surface. Every business should focus on rapid detection, containment and recovery. Resilience starts with visibility and a clear business continuity plan.”
Adam Khan
VP security operations, Barracuda Managed XDR
Cybersecurity Threat Advisory on Microsoft SharePoint zero-day vulnerability
Resource Library
Barracuda provides a wide range of cyberthreat and cybersecurity insights, tools and support to help organizations and security researchers better understand the rapidly evolving threat landscape and how to manage risk.
