Latest news with #BarracudaNetworks
Techday NZ
22-07-2025
- Techday NZ
Cyber threats surge with rise in infostealers & Linux attacks
Barracuda Networks researchers have reported a notable rise in cyber threats over the past month, with substantial increases in infostealer attacks, threats targeting Linux servers, and suspicious login attempts to AWS consoles. Infostealer attacks Barracuda's SOC threat analysts identified a 35% increase in detections related to infostealer malware, which is used to steal credentials, hijack sessions, conduct cyber espionage, and facilitate data exfiltration. Interpol recently decommissioned 20,000 IP addresses linked to 69 infostealer variants. The report outlined the primary methods through which infostealers are delivered. Attack vectors include phishing emails urging users to click on malicious links or download infected attachments, drive-by downloads from websites, software exploits targeting unpatched vulnerabilities, and bundled software, especially pirated applications. Specific signs pointing to infostealer activity within an organisation include sudden or unusual account activity, a surge in help desk requests linked to lost credentials, system slowdowns, and unexpected pop-ups or ads, which may signal malware presence. "A robust endpoint security solution such as Barracuda Managed XDR Endpoint Security that can detect and block malware in real time is the best defence against infostealer malware." "Enforce the use of multifactor authentication (MFA) to make it harder for attackers to breach accounts even if credentials are compromised. Implement security awareness training for employees on the latest phishing tactics and safe browsing. Implement advanced email security to detect and block phishing attempts before they reach users. Keep systems and software updated with the latest security patches. Prevent employees from downloading and installing pirate versions of applications to their work accounts." Linux servers under threat The report also indicated a 56% jump in attacks on Linux servers. Among the reasons highlighted are a reported 3,300 new Linux vulnerabilities in 2025 alone, a 130% rise in the number of attacks over the previous year, and two critical vulnerabilities announced in June 2025. The widespread use of Linux systems for servers, cloud infrastructure, and IoT devices has contributed to these systems being frequently targeted. Threats include malware attacks such as ransomware, rootkits, backdoors, distributed denial of service (DDoS) attacks, exploitation of unpatched software flaws, and the hijacking of server resources for unauthorised cryptocurrency mining. Indicators of compromise might include traffic spikes to unfamiliar IP addresses, abnormal account behaviour, system slowdowns, and configuration changes to critical files. "Keep systems, including operating systems, and software updated with the latest security patches. Implement firewalls to restrict access to critical services and monitor incoming and outgoing traffic for suspicious activity." "Enforce strong password and authentication policies, and consider using key-based authentication for SSH (a cryptographic protocol for secure remote login) access to reduce the risk of brute-force attacks. Implement a robust backup and recovery plan to limit the operational impact and quickly restore services following an incident. Deploy an extended detection and response (XDR) solution - ideally covering endpoints, servers and networks - as this features intrusion detection systems (IDS) that monitor activity and alert administrators to potential threats in real time." AWS login concerns Analysts observed a 13% increase in suspicious login attempts to the AWS Management Console. While smaller than the increases seen for other attack categories, these attempts present notable risks, including credential theft, brute-force attacks, phishing using social engineering, and potential account takeover. A successful breach could allow attackers to manipulate AWS resources, exfiltrate data, or use compromised accounts for additional attacks. Warning signs include login attempts from unusual locations or IP addresses, a high number of failed logins, or sudden shifts in resource usage or account configurations. "Enforce the use of strong passwords and multifactor authentication (MFA) to make it harder for attackers to breach accounts even if credentials are compromised. Implement security awareness training for employees on the latest phishing tactics and safe browsing. Continuously check for and correct misconfigurations in cloud service settings. Implement network segmentation, and restrict employees' access permissions to limit access to sensitive areas of the network. Deploy an XDR cloud security solution that will check regularly for unusual login activity and flag any suspicious events." The report attributes these increases to a surge in cybercriminal activity targeting technological vulnerabilities and user awareness gaps, and outlines practical recommendations for organisations to reduce the risk of falling victim to such attacks.
Channel Post MEA
09-07-2025
- Business
- Channel Post MEA
Barracuda Unveils Backup Solution For Entra ID
Barracuda Networks has announced the launch of Barracuda Entra ID Backup Premium – a comprehensive, cost-effective solution to safeguard Microsoft Entra ID environments from accidental and malicious data loss. With fast, reliable recovery of vital identity data, the new offering strengthens cyber resilience and helps ensure secure, uninterrupted access to business applications and services. Seamlessly integrated with the BarracudaONE platform, Barracuda Entra ID Backup Premium provides users with centralized visibility into backup status, data health and storage insights through a unified dashboard. It is built to support both single and multi-tenant environments, making it an ideal solution for IT teams and managed service providers (MSPs) looking to simplify and scale identity protection management. 'Identity is the control plane of today's digital business – any disruption can halt operations and expose organizations to security risks,' said Neal Bradbury , chief product officer at Barracuda. 'With Entra ID Backup Premium, we are closing a critical gap in the identity protection lifecycle by adding fast, reliable recovery to our proven detection and response capabilities. Unlike point solutions that focus only on backup or monitoring, Barracuda delivers a unified, end-to-end approach that makes Entra ID protection simpler, stronger and more resilient so organizations can stay secure, compliant and operational.' Closing the Identity Protection Gap As organizations increasingly rely on Microsoft's cloud-based identity and access management platform, the risk of identity data loss – from cyberattacks or human error – continues to grow. Microsoft retains Entra ID data for only 30 days and recommends third-party backups. Barracuda Entra ID Backup Premium addresses this gap with long-term, scalable data preservation, empowering organizations to recover data well beyond Microsoft's default limits. Barracuda Entra ID Backup Premium protects the 13 most essential identity components needed to maintain a secure and resilient Microsoft Entra ID environment. This includes users, groups, roles, administrative units, app registrations, audit logs, authentication and access policies, BitLocker keys, device management configurations, and more. 'As a trusted MSP, we understand how essential Microsoft 365 is to our customers' operations – which makes protecting and restoring Entra ID security components absolutely mission-critical,' said John Quatto , channel partner manager at Zobrio. 'Ransomware attacks can cripple access to users, groups and core systems. With Barracuda Entra ID Backup Premium, Barracuda has closed a gap in identity and access protection. Its integration into the BarracudaONE platform delivers a comprehensive, unified cybersecurity solution that's simple to deploy, easy to manage and built to scale – giving our customers the confidence to recover quickly and stay resilient against evolving threats.' Easy to Deploy, Effortless to Use The cloud-based, software-as-a-service (SaaS) solution is built for simplicity and speed – no installation, configuration or manual patching is required. Customers connect their Microsoft 365 tenant and start backing up Entra ID data in just minutes. Advanced search, real-time monitoring, detailed audit logs, and five levels of role-based access control (RBAC) provide the visibility and control needed to manage identity protection efficiently and securely. Availability Barracuda Entra ID Backup Premium is now available globally through Barracuda's extensive network of resellers and MSPs. The solution can be purchased as a standalone offering or as a subscription with Barracuda Cloud-to-Cloud Backup.
Yahoo
09-07-2025
- Business
- Yahoo
Barracuda Unveils Entra ID Backup Premium to Safeguard Identity Data
New Solution Protects Against Accidental and Malicious Data Loss, Ensures Business Continuity and Strengthens Cyber Resilience News highlights: Barracuda Entra ID Backup Premium protects essential identity data against accidental and malicious data loss. Addresses critical industry-wide identity protection gaps by enabling fast, reliable recovery of the 13 most vital identity components – extending protection far beyond Microsoft's native 30-day limit. Seamlessly integrated with the BarracudaONE platform, the cloud-based SaaS solution is designed for rapid deployment and simplified management across single and multi-tenant environments. CAMPBELL, Calif., July 8, 2025 /PRNewswire/ -- Barracuda Networks, Inc., a leading cybersecurity company providing complete protection against complex threats for all sized businesses, today announced the launch of Barracuda Entra ID Backup Premium – a comprehensive, cost-effective solution to safeguard Microsoft Entra ID environments from accidental and malicious data loss. With fast, reliable recovery of vital identity data, the new offering strengthens cyber resilience and helps ensure secure, uninterrupted access to business applications and services. Seamlessly integrated with the BarracudaONE platform, Barracuda Entra ID Backup Premium provides users with centralized visibility into backup status, data health and storage insights through a unified dashboard. It is built to support both single and multi-tenant environments, making it an ideal solution for IT teams and managed service providers (MSPs) looking to simplify and scale identity protection management. "Identity is the control plane of today's digital business – any disruption can halt operations and expose organizations to security risks," said Neal Bradbury, chief product officer at Barracuda. "With Entra ID Backup Premium, we are closing a critical gap in the identity protection lifecycle by adding fast, reliable recovery to our proven detection and response capabilities. Unlike point solutions that focus only on backup or monitoring, Barracuda delivers a unified, end-to-end approach that makes Entra ID protection simpler, stronger and more resilient so organizations can stay secure, compliant and operational." Closing the Identity Protection Gap As organizations increasingly rely on Microsoft's cloud-based identity and access management platform, the risk of identity data loss – from cyberattacks or human error – continues to grow. Microsoft retains Entra ID data for only 30 days and recommends third-party backups. Barracuda Entra ID Backup Premium addresses this gap with long-term, scalable data preservation, empowering organizations to recover data well beyond Microsoft's default limits. Barracuda Entra ID Backup Premium protects the 13 most essential identity components needed to maintain a secure and resilient Microsoft Entra ID environment. This includes users, groups, roles, administrative units, app registrations, audit logs, authentication and access policies, BitLocker keys, device management configurations, and more. "As a trusted MSP, we understand how essential Microsoft 365 is to our customers' operations – which makes protecting and restoring Entra ID security components absolutely mission-critical," said John Quatto, channel partner manager at Zobrio. "Ransomware attacks can cripple access to users, groups and core systems. With Barracuda Entra ID Backup Premium, Barracuda has closed a gap in identity and access protection. Its integration into the BarracudaONE platform delivers a comprehensive, unified cybersecurity solution that's simple to deploy, easy to manage and built to scale – giving our customers the confidence to recover quickly and stay resilient against evolving threats." Easy to Deploy, Effortless to UseThe cloud-based, software-as-a-service (SaaS) solution is built for simplicity and speed – no installation, configuration or manual patching is required. Customers connect their Microsoft 365 tenant and start backing up Entra ID data in just minutes. Advanced search, real-time monitoring, detailed audit logs, and five levels of role-based access control (RBAC) provide the visibility and control needed to manage identity protection efficiently and securely. AvailabilityBarracuda Entra ID Backup Premium is now available globally through Barracuda's extensive network of resellers and MSPs. The solution can be purchased as a standalone offering or as a subscription with Barracuda Cloud-to-Cloud Backup. About Barracuda Barracuda is a leading global cybersecurity company providing complete protection against complex threats for all sized businesses. Our AI-powered platform secures email, data, applications, and networks with innovative solutions, managed XDR and a centralized dashboard to maximize protection and strengthen cyber resilience. Trusted by hundreds of thousands of IT professionals and managed service providers worldwide, Barracuda delivers powerful defenses that are easy to buy, deploy and use. Barracuda Networks, Barracuda, BarracudaONE, and the Barracuda Networks logo are registered trademarks or trademarks of Barracuda Networks, Inc. in the U.S., and other countries. Contact: Anne Campbell Barracuda Networks, Inc. 978-328-1642 acampbell@ View original content to download multimedia: SOURCE Barracuda Networks, Inc. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Channel Post MEA
25-06-2025
- Business
- Channel Post MEA
Barracuda Launches Managed Vulnerability Security
Barracuda Networks has announced the launch of Barracuda Managed Vulnerability Security. This fully managed service, powered by Barracuda's global Security Operations Center (SOC), extends the BarracudaONE platform to help organizations proactively identify, assess and prioritize vulnerabilities. This enables them to reduce risk and strengthen their security resilience. 'By proactively identifying vulnerabilities, we can better predict the likelihood of an attack, giving both Barracuda and our customers a decisive edge to stop threats before they're exploited and reduce cyber risk,' said Adam Khan, vice president of global security operations at Barracuda. 'Barracuda Managed Vulnerability Security delivers deep visibility into risks across environments – without the burden of managing additional tools or hiring hard to find and retain security operations specialists. With expert guidance and smart prioritization, it streamlines remediation and transforms how organizations manage vulnerabilities and defend against today's sophisticated attacks.' Barracuda Managed Vulnerability Security provides expert-led vulnerability scanning, analysis and contextual reporting across organizations' networks and cloud infrastructure. The service uncovers vulnerabilities across a broad range of hardware and software – including endpoints, servers, IoT devices, firewalls, and other network-connected systems – regardless of whether those vulnerabilities are associated with known exploits. Organizations receive detailed, actionable reports, including an audit summary and prioritized remediation plan. These insights help organizations clearly understand their risk exposure and make informed decisions aligned with both their security objectives and compliance requirements. Regular vulnerability scans play a critical role in helping organizations meet regulatory guidelines such as the Digital Operational Resilience Act (DORA), Network Information Security 2 (NIS2), General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), and others by supporting ongoing risk assessment, mitigation and audit readiness. Barracuda Managed Vulnerability Security is now available to both new and existing customers through Barracuda's global network of resellers and Managed Service Providers. The service can be deployed on its own or seamlessly integrated with Barracuda Managed XDR, a 24/7/365 threat detection and response offering that leverages advanced AI analytics and threat intelligence to prevent breaches. When combined, customers gain a unified, fully managed security experience that streamlines vendor management, accelerates vulnerability and threat detection and remediation, and enhances operational efficiency.
Techday NZ
13-06-2025
- Business
- Techday NZ
Phishing-as-a-Service drives surge in cybercrime for 2025
Barracuda Networks has released new details on the rising prevalence of Phishing-as-a-Service (PhaaS) attacks, the technologies underpinning them, and trends shaping cybercrime in 2025. The company's analysis found that an estimated 60% to 70% of all phishing attacks observed since the beginning of 2025 have been delivered using PhaaS models. Of these, the Tycoon 2FA phishing kit emerged as the most popular, responsible for 76% of the detected incidents. EvilProxy accounted for 8%, while Mamba 2FA and Sneaky 2FA together made up 6%. The remaining 10% consisted of other kits such as LogoKit, CoGUI and FlowerStorm. Understanding PhaaS Phishing-as-a-Service is a model in which individuals or groups provide ready-made phishing tools, infrastructure and support to customers for a fee, often via subscription services or one-off payments. This business-like approach means non-technical users can easily launch phishing campaigns without building infrastructure or writing code. According to the explainer released by Barracuda, "Phishing-as-a-Service, or PhaaS, is a cybercrime model where threat actors offer phishing tools, kits and services to other attackers, often via subscription or one-time payment. It lowers the barrier to entry for phishing attacks by providing ready-made templates, hosting, automation and even customer support. PhaaS enables non-technical users to launch sophisticated phishing campaigns, contributing to the rise in phishing incidents globally." Attackers typically access these services through forums, darknet markets, or messaging channels such as Telegram. The platforms provide templates for impersonating well-known brands and offer means to collect sensitive information entered by victims, which attackers can then use for financial gain or identity theft. The explainer notes, "Attackers sign up for this service — often through Darknet or Telegram channels — and obtain access to their PhaaS infrastructure. The service provides ready-made fake emails and websites that look just like real companies. The scammer can customise messages to make them convincing. Then, these fake emails or websites are sent out to lots of people. When someone falls for the trick and enters their private info, the scammer collects it and can steal money or identities." Barriers lowered PhaaS is popular with users seeking to commit credential theft but lacking the skills to develop phishing infrastructure from scratch. The systems are marketed not only at experienced cybercriminals, but also at individuals with limited technical knowledge, as the ease of use and available support bring phishing within reach of a broader group of criminal actors. "Attackers who want to do credential theft but don't know how to build the phishing emails, infrastructure to host fake Microsoft/Google login pages, steal multifactor-authentication (MFA) tokens and send them to a command-and-control server. Sometimes even people who aren't very tech-savvy can use PhaaS because it makes it easy for anyone to launch scams," the explainer says. PhaaS allows for rapid deployment of attacks, high levels of automation and large-scale targeting, including of small businesses and individual consumers. Typical victims range from employees at companies targeted for access to internal systems, to consumers receiving emails purporting to be from banks or popular online services. "It saves time and effort — they don't have to create complicated scam setups from scratch. It's often cheap or subscription-based, so it's easy to access. It's much easier now to launch a sophisticated phishing campaign targeting thousands of people with just a few clicks or minimal effort, compared to traditional phishing attacks. These modern attacks are highly advanced — they use clever methods to avoid detection and often rely on legitimate but compromised websites and platforms." Market forces PhaaS providers continually update their kits to bypass security measures, and competition between providers is fierce. Kits compete on factors such as price, accessibility, customer support, regular updates, and their ability to avoid detection. Subscription models and customer service functions have become normal, mirroring the software industry. "Kits that are cheaper or easier to get tend to attract more users. Some offer subscriptions, while others sell one-time licenses. The price and payment options matter a lot. Updates: Some PhaaS providers offer customer support and regularly update their kits to bypass new security measures. Kits that stay updated and provide help keep their users loyal. Success rates: If a kit is known for helping scammers avoid detection and successfully steal information, it gains popularity over others." Emerging kits and techniques Barracuda identified several new PhaaS kits, such as Darcula, which merges phishing with malware delivery and tends to target mobile users, and Morphing Meerkat, noted for altering its appearance to bypass email controllers. Other kits like CoGUI have been regionally tailored, such as those targeting Japanese organisations, and Sniper Dz is highlighted for mimicking the login pages of popular services. According to the explainer, "What makes these kits particularly dangerous is that they constantly evolve — updating their methods to avoid being detected by security systems. This ongoing development helps scammers stay one step ahead and makes it harder to shut them down." Detection strategies avoided PhaaS operators and their customers deploy techniques including encrypting malicious code, using code obfuscation, leveraging legitimate but compromised websites, and actively detecting when they are being monitored by security software or research sandboxes. In such cases, the kits will direct users to bona fide websites to avoid raising suspicion. The use of encryption and the adoption of real, trusted sites for hosting phishing content make detecting such threats more challenging for security tools, which traditionally focus on signature-based or heuristic detections of uncommon domains or content. Despite ongoing efforts by security professionals and law enforcement, the widespread distribution of PhaaS services and kits, international hosting, and frequent method changes continue to pose challenges for effective mitigation and takedown of phishing operations.
