cognitive cybersecurity intelligence

News and Analysis

Chinese Hackers Exploit New Zero-Day in Barracuda’s ESG

The Barracuda Email Security Gateway (ESG) appliance was found to have a vulnerability potentially exploitable by Chinese threat actor, UNC4841. The flaw, tied to a third-party library, ‘Spreadsheet::ParseExcel’, can lead to arbitrary code execution. This was used to deploy SEASPY and SALTWATER malware. Barracuda has patched the vulnerability and automatically applied the update to all ESG devices. The vulnerability has been classified as CVE-2023-7102, but its severity is yet to be categorized.

Source: gbhackers.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

International Criminal Court hit with cyber security attack – The Independent

International Criminal Court hit with cyber security attack – The Independent

Summarize this content to a maximum of 60 words: International Criminal Court hit with cyber security attack The Independent

Update from Cornish secondary school at centre of cyber incident – Yahoo

Update from Cornish secondary school at centre of cyber incident – Yahoo

Summarize this content to a maximum of 60 words: Update from Cornish secondary school at centre of cyber incident Yahoo

Update from Cornish secondary school at centre of cyber incident – Falmouth Packet

Update from Cornish secondary school at centre of cyber incident – Falmouth Packet

Summarize this content to a maximum of 60 words: Update from Cornish secondary school at centre of cyber incident Falmouth Packet

Millions of Android, iPhone Users Could Be Sending Data to China

Millions of Android, iPhone Users Could Be Sending Data to China

Summarize this content to a maximum of 60 words: Apple and Google app stores are offering private browsing apps owned by Chinese companies.