cognitive cybersecurity intelligence

News and Analysis

Chinese Hackers Exploit New Zero-Day in Barracuda’s ESG

The Barracuda Email Security Gateway (ESG) appliance was found to have a vulnerability potentially exploitable by Chinese threat actor, UNC4841. The flaw, tied to a third-party library, ‘Spreadsheet::ParseExcel’, can lead to arbitrary code execution. This was used to deploy SEASPY and SALTWATER malware. Barracuda has patched the vulnerability and automatically applied the update to all ESG devices. The vulnerability has been classified as CVE-2023-7102, but its severity is yet to be categorized.

Source: gbhackers.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

News and Analysis

Chinese Hackers Exploit New Zero-Day in Barracuda’s ESG

Subscribe to newsletter

More Posts

Is the US about to commit war crimes in Iran?

Brockton's Signature Healthcare hit by cybersecurity incident – nationaltoday.com

5 Takeaways from “The Future of Search & Discovery: Understanding Agentic Commerce” Webinar

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa – Security Affairs

Products

Solutions

Healthcare cybersecurity

Healthcare Threat Intelligence

Use Cases

News and Analysis

Insights

Company