GreyKeep Security

Expert security for an evolving digital age

Vulnerabilities

Chinese Hackers Continue Espionage Campaign Despite Barracuda Remediation

· ·

Barracuda logo on black background

A suspected Chinese hacking group (tracked as UNC4841) continues to target compromised Barracuda appliances in government, high tech, and information technology sectors. The group originally targeted organizations worldwide by exploiting a zero-day vulnerability discovered in Barracuda Email Security Gateway (ESG). Mandiant initially detailed the 8-month-long espionage campaign in a blog post on June 15, 2023. The vulnerability, reported as CVE-2023-2868, allows for remote command execution on the target appliance while processing .tar files containing specially crafted file names.

[Read more…] about Chinese Hackers Continue Espionage Campaign Despite Barracuda Remediation

Cybersecurity Daily: August 30, 2023

· ·

GreyKeep Security Cybersecurity Daily News

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for August 30, 2023.

Advisories

[Read more…] about Cybersecurity Daily: August 30, 2023

Weekly Malware Roundup – August 29, 2023

· ·

GreyKeep Security Malware Roundup

This is the GreyKeep Security Malware Roundup for August 29, 2023. Here’s a summary of what’s in this week’s edition:

Targets

MacOS
Adobe ColdFusion
MOVEit Transfer
WinRAR
Openfire XMPP
Ivanti Sentry
Roblox		Juniper SRX
Cisco Nexus 3000/9000 (NX-OS)
Citrix NetScaler
Barracuda ESG
EsafeNet Cobra DocGuard
IoT devices

Organizations

U.S. government
Rust developers
Roblox developers		Taiwan
Hong Kong
Metropolitan Police Service
[Read more…] about Weekly Malware Roundup – August 29, 2023

Ransomware Campaign Targeting MOVEit Impacts 60 Million People

· ·

Progress MOVEit logo
Background by Peter Gargiulo

As reported by security research firms Emsisoft and Resecurity, as many as 1,000 organizations and 60 million individuals have been affected by the recent ransomware campaign targeting a SQL injection vulnerability (CVE-2023-34362) in the MOVEit Transfer web application. An attacker can exploit the vulnerability to access file transfers without authentication.

[Read more…] about Ransomware Campaign Targeting MOVEit Impacts 60 Million People

Cybersecurity Daily: August 24, 2023

· ·

GreyKeep Security Cybersecurity Daily News

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for August 24, 2023.

For the latest news on malware and ransomware, check out our weekly Malware Roundup.

Advisories

[Read more…] about Cybersecurity Daily: August 24, 2023

How can we help you become more secure? Contact Us