Barracuda networks | Breaking Cybersecurity News | The Hacker News

A hacking outfit nicknamed  Earth Estries  has been attributed to a new, ongoing cyber espionage campaign targeting government and technology industries based in the Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S. "The threat actors behind Earth Estries are working with high-level resources and functioning with sophisticated skills and experience in cyber espionage and illicit activities," Trend Micro researchers Ted Lee, Lenart Bermejo, Hara Hiroaki, Leon M Chang, and Gilbert Sison  said . Active since at least 2020, Earth Estries is said to share tactical overlaps with another nation-state group tracked as  FamousSparrow , which was first exposed by ESET in 2021 as exploiting ProxyLogon flaws in Microsoft Exchange Server to penetrate hospitality, government, engineering, and legal sectors. It's worth pointing out that commonalities have also been unearthed between FamousSparrow and  UNC4841 , an uncategorized activity cluster held respo...

A suspected Chinese-nexus hacking group exploited a  recently disclosed zero-day flaw  in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which is tracking the activity under the name  UNC4841 , described the threat actor as "highly responsive to defensive efforts" and capable of actively tweaking their modus operandi to maintain persistent access to targets. "UNC4841 deployed new and novel malware designed to maintain presence at a small subset of high priority targets that it compromised either before the patch was released, or shortly following Barracuda's remediation guidance," the Google-owned threat intelligence firm  said  in a new technical report published today. Almost a third of the identified affected organizations are government agencies. Interestingly enough, some of the earliest compromises...

In cybersecurity, confidence is a double-edged sword. Organizations often operate under a false sense of security , believing that patched vulnerabilities, up-to-date tools, polished dashboards, and glowing risk scores guarantee safety. The reality is a bit of a different story. In the real world, checking the right boxes doesn't equal being secure. As Sun Tzu warned, "Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat." Two and a half millennia later, the concept still holds: your organization's cybersecurity defenses must be strategically validated under real-world conditions to ensure your business's very survival. Today, more than ever, you need Adversarial Exposure Validation (AEV) , the essential strategy that's still missing from most security frameworks. The Danger of False Confidence Conventional wisdom suggests that if you've patched known bugs, deployed a stack of well-regarded security tools, and passed the nec...

Security expert Ebrahim Hegazy has found a Password disclosure vulnerability in Barracuda update servers which allows to gain access to employee credentials. The Egyptian information security advisor Ebrahim Hegazy( @Zigoo0 ) has found a Password disclosure vulnerability in one of Barracuda update servers which allows the attackers to gain access to all its employee data. When the system administrator needs to protect a directory with a second authentication layer (basic authentication ) besides the back-end authentication, he can do it with multiple methods, one of that methods is through the configuration of .htaccess and .htpasswd files. A proper configuration could prevent a visitor to surf reserved area (e.g /Cpanel or /admin), in this scenario a popup proposes to the user asking to enter authentication credentials, that credentials are saved inside .htpasswd file as: Username:Password In normal scenarios the .htpasswd file should be stored outside the we...

Barracuda Networks announced on Tuesday that it will pay over $3,100 to anyone who can hack into its security products. This bug bounty program is the first of its kind from a pure-play security vendor. "This initiative reflects our commitment to our customers and the security community at large," said Paul Judge, Chief Research Officer at Barracuda. The security firm has included its Spam & Virus Firewall, Web Filter, Web Application Firewall, and NG Firewall in the bug bounty program. Patch or Public Disclosure Last week, Google launched a bug bounty program to pay for vulnerabilities, joining many other vendors willing to pay security researchers for information about vulnerabilities. These efforts aim to fix flaws as soon as possible to prevent exploitation as zero-day attacks. Barracuda's bug bounty program will pay up to $3,133.70 for "particularly severe bugs," a nod to the slang "leet" number 31337, meaning "elite" in the security commu...