Barracuda Zero Day Vulnerability: Replace, don't patch, vulnerable devices (23rd May)
Barracuda announced a zero-day vulnerability in their Email Security Gateway, CVE-2023-2868, which had been exploited in the wild. The threat actor is believed to be the Chinese state-affiliated UNC4841, leveraging the flaw for espionage. The threat actor quickly adapted to containment and remediation efforts, leaving Barracuda to take the unusual step of recommending customers replace their existing appliances with new ones, rather than rely on more typical remediation efforts.

Supply Chain Attack: 3CX Voice Over Internet Protocol (VOIP) desktop client compromised (29th Mar)
North Korean threat actors are expected to be responsible for the compromise, which went on to be used to compromise 3CX customers, including critical infrastructure organisations within the energy sector. A trojanised version of the legitimate 3CX software was used to compromise their customers. What set this attack apart is that it was the result of an earlier supply chain attack, with a 3CX employee downloading a malware-infected software package.

PaperCut: Ransomware Zero-Day actively exploited by Russian threat actors (14th Apr)
Print management software maker PaperCut announced Remote Code Execution (RCE) vulnerabilities in PaperCut NG and PaperCut MF, which could be leveraged without authentication in this critically rated CVE. A user account data flaw affecting PaperCut NG and PaperCut MF was also discovered, and both were known to be exploited by threat actors. PaperCut has 100+ million customers worldwide. Groups such as LockBit then leveraged this flaw in ransomware attacks.