Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2025/09/09 12:27 a.m.5 views

45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage

Threat hunters have discovered a set of previously unreported domains, some going back to May 2020, that are associated with China-linked threat actors Salt Typhoon and UNC4841. "The domains date back several years, with the oldest registration activity occurring in May 2020, further confirming...

9.8CVSS9.7AI score0.86956EPSS
Exploits3
The Hacker News
The Hacker News
added 2023/12/27 12:35 p.m.82 views

Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances

Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway ESG appliances to deploy backdoors on a "limited number" of devices. Tracked as CVE-2023-7102, the issue relates to a case of arbitrary code execution that resides within a third-party and...

9.8CVSS7.2AI score0.86956EPSS
Exploits5
hivepro
hivepro
added 2023/09/05 11:4 a.m.18 views

Attacks, Vulnerabilities and Actors 28 August to 3 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of six attacks executed, one vulnerability, and two different adversaries highlights...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/31 9:22 a.m.58 views

Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents

A hacking outfit nicknamed Earth Estries has been attributed to a new, ongoing cyber espionage campaign targeting government and technology industries based in the Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S. "The threat actors behind Earth Estries are working with high-leve...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/29 2:54 p.m.75 views

Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom

A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway ESG appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which i...

9.8CVSS6.8AI score0.86956EPSS
Exploits3
The Hacker News
The Hacker News
added 2023/07/29 4:59 a.m.95 views

Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday disclosed details of a "novel persistent backdoor" called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway ESG appliances. "SUBMARINE comprises multiple artifacts — includin...

9.8CVSS9.8AI score0.86956EPSS
Exploits3
The Hacker News
The Hacker News
added 2023/06/15 2:56 p.m.102 views

Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway

A suspected China-nexus threat actor dubbed UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in Barracuda Email Security Gateway ESG appliances since October 2022. "UNC4841 is an espionage actor behind this wide-ranging campaign in support of the People's Republic o...

9.8CVSS9.8AI score0.86956EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2023/05/24 7:15 p.m.57 views

CVE-2023-2868

A remote command injection vulnerability exists in the Barracuda Email Security Gateway appliance form factor only product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file tape archives. The vulnerability ste...

9.8CVSS7.5AI score0.98975EPSS
In wildExploits22References4Affected Software1
Rows per page
Query Builder