Barracuda networks | Breaking Cybersecurity News | The Hacker News

A hacking outfit nicknamed  Earth Estries  has been attributed to a new, ongoing cyber espionage campaign targeting government and technology industries based in the Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S. "The threat actors behind Earth Estries are working with high-level resources and functioning with sophisticated skills and experience in cyber espionage and illicit activities," Trend Micro researchers Ted Lee, Lenart Bermejo, Hara Hiroaki, Leon M Chang, and Gilbert Sison  said . Active since at least 2020, Earth Estries is said to share tactical overlaps with another nation-state group tracked as  FamousSparrow , which was first exposed by ESET in 2021 as exploiting ProxyLogon flaws in Microsoft Exchange Server to penetrate hospitality, government, engineering, and legal sectors. It's worth pointing out that commonalities have also been unearthed between FamousSparrow and  UNC4841 , an uncategorized activity cluster held responsible for

A suspected Chinese-nexus hacking group exploited a  recently disclosed zero-day flaw  in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which is tracking the activity under the name  UNC4841 , described the threat actor as "highly responsive to defensive efforts" and capable of actively tweaking their modus operandi to maintain persistent access to targets. "UNC4841 deployed new and novel malware designed to maintain presence at a small subset of high priority targets that it compromised either before the patch was released, or shortly following Barracuda's remediation guidance," the Google-owned threat intelligence firm  said  in a new technical report published today. Almost a third of the identified affected organizations are government agencies. Interestingly enough, some of the earliest compromises

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

Security expert Ebrahim Hegazy has found a Password disclosure vulnerability in Barracuda update servers which allows to gain access to employee credentials. The Egyptian information security advisor Ebrahim Hegazy( @Zigoo0 ) has found a Password disclosure vulnerability in one of Barracuda update servers which allows the attackers to gain access to all its employee data. When the system administrator needs to protect a directory with a second authentication layer (basic authentication ) besides the back-end authentication, he can do it with multiple methods, one of that methods is through the configuration of .htaccess and .htpasswd files. A proper configuration could prevent a visitor to surf reserved area (e.g /Cpanel or /admin), in this scenario a popup proposes to the user asking to enter authentication credentials, that credentials are saved inside .htpasswd file as: Username:Password In normal scenarios the .htpasswd file should be stored outside the we