On May 19, 2023, Barracuda Networks identified a remote command injection vulnerability (CVE-2023-2868) present in the Barracuda Email Security Gateway (appliance form factor only) versions 5.1.3.001-9.2.0.006. In its security advisory, Barracuda said the vulnerability existed in the Barracuda software component responsible for screening attachments for malware. In subsequent days, Barracuda deployed a series of patches.
The vastness of the deep and dark web can easily turn attempts to monitor for cyber threats into a firehose of useless information. Part of the problem is the nature of the data streams that need to be monitored. Every day, more credentials are stolen and exposed. Illegal criminal forums are full of repeated spamming of illicit advertisements. Thousands of new domain names are registered daily, including many that can be considered typosquatted.
The recent discovery of a zero-day vulnerability in a well-known email security product further underscores the importance of robust email security that can effectively counter advanced email threats, offer a defense-in-depth approach, and operate in the cloud or on-premises. To start, if you believe you have suffered a breach, Trustwave’s Digital Forensics and Incident Response (DFIR) is ready and online to take your call and start helping your organization recover. Click here.
Protecting endpoints is more important than ever, as existing threats like ransomware continue to damage organizations and emerging threats like AI-driven attacks add to the problem. As attackers find new ways to exploit an organization’s vulnerabilities, IT security teams find themselves under pressure to act quickly, often searching for new tools. However, when security solutions are bolted together hastily, problems arise.
If you’re shopping around for a way to stop bots damaging your brand – be that through enabling automated fraud, hoarding your stock, scraping your content or prices, or just eating up server resources – you’ve probably seen vendors advocating the use of “client-side detection”. They’re probably telling you it’s necessary for accurate bot detection.