Barracuda Blog

Barracuda offers cutting-edge cloud-based solutions designed to safeguard your email, networks, data, and applications.

National

English

Blog

Outlet metrics

Domain Authority

Ranking

Global

N/A

Country

N/A

Articles

CVE program's funding crisis: Implications and strategic response

1 week ago | blog.barracuda.com | Adam Khan

Today, the cybersecurity community faced a critical juncture as the U.S. government's contract with MITRE Corporation to develop, operate and modernize the Common Vulnerabilities and Exposures (CVE) program, as well as related efforts like CWE, was set to expire.
What is a non-human identity?

1 week ago | blog.barracuda.com | Paul Dughi

Machine or programmatic identities, such as services, apps, scripts, bots, and other automated agents, are all working behind the scenes to automate workflows. In other words, machines and systems are talking to other machines without human involvement. These non-human identities (NHIs) automatically authenticate using API keys, tokens or certificates. They are designed to automate and streamline workflows, but they open the door to potential risks.
Insider threats loom larger during economic turmoil

2 weeks ago | blog.barracuda.com | Mike Vizard

Any time there is significant economic turmoil stemming from, for example, a trade war there is a distinct possibility that layoffs will be made which, unfortunately, increases the probability that one or more disgruntled employees might consider engaging in some form of retribution involving a data security breach. These threats can span everything from data encryption to IP theft and more.
Threat Spotlight: The good, the bad, and the ‘gray bots’ – the Gen AI scraper bots targeting your web apps

3 weeks ago | blog.barracuda.com | Rahul Gupta

This consistency of request traffic was unexpected. It is generally assumed, and often the case, that gray bot traffic comes in waves, hitting a website for a few minutes to an hour or so before falling back. Both scenarios — constant bombardment or unexpected, ad hoc traffic surges — present challenges for web applications. Business impact Gray bots can be aggressive when collecting data and may remove information without permission.
Atlantis AIO: The big ‘all-in-one’ credential stuffing platform

3 weeks ago | blog.barracuda.com | Christine Barry

There are billions of stolen credential sets available on the dark web, and readily available through lists like RockYou2024 or Collection #1, and a 2022 study estimated that credential stuffing attacks have a success rate of 0.2 to 2%. That success rate fluctuates, but it’s based on a data set that keeps getting larger.
World Backup Day turns 14

4 weeks ago | blog.barracuda.com | Christine Barry

Data backup solutions have evolved as well, with advancements in external hard drives, purpose-built backup servers, cloud-based backup solutions, and software enhancements that have automated much of the backup process. World Backup Day (WBD) may seem unnecessary now, but it’s never been more critical to set aside time to consider your systems and data protection. Why World Backup Day?
Responsibility for critical infrastructure security shifts

1 month ago | blog.barracuda.com | Mike Vizard

Precisely who is responsible for securing critical infrastructure is about to shift following the signing of an executive order by President Trump.
Top threats of the 2024 botnet landscape

1 month ago | blog.barracuda.com | Christine Barry

Security researchers suspect “with low confidence” that Androxgh0st is operated by threat actors aligned with interests of the People’s Republic of China (PRC). and represents a new generation of hybrid botnets that combine capabilities from multiple sources. The botnet targets Windows, Mac, and Linux systems, and exploits personal computers, web servers, and IoT devices. These capabilities expand the botnet’s reach across networks and the global internet.
MSP Training: How often and what kind?

1 month ago | blog.barracuda.com | Kevin Williams

According to Barracuda Network’s Evolving Landscape of the MSP 2024 report, 38% of managed service providers (MSPs) offer security awareness training (SAT). However, experts say that the percentage should be much higher because of the high return on investment (ROI), and SAT is also a good draw for new customers. The same report showed that 24% of MSPs reported that SAT was one of the time draws for new clients.
The SOC case files: RansomHub exploits FortiGate bug in attack blocked by XDR

1 month ago | blog.barracuda.com | Eric Russo

Indicators of Compromise detected in this attack: The executables used by the attackers were: 3e9a87df1c99c3907f4a00f4d5902380960b78dd c4780dde6daaed7129c077ae3c569659296ca41f e2e35e9fc1a7bcdf21124cbdaaa41572d27ed88a 9664762c8b1f62c355a5a786a1a1616c73aaa764 IP addresses used by the threat actor: 208[.]91[.]112[.]55 80[.]94[.]95[.]248 13[.]37[.]13[.]37 Lessons learned This incident illustrates how attackers will try different approaches to try to gain access to a target — and an unmitigated...