Mandiant accuses UNC4841 of exploiting Barracuda Email Security Gateway flaw

According to Mandiant, a group of hackers known as UNC4841, alleged to be acting on behalf of the Chinese government, has been targeting enterprises in at least 16 different countries by exploiting a flaw in Barracuda Networks’ Email Security Gateway devices.

The flaw allows hackers to distribute malware-laced attachments that may exploit susceptible devices and acquire network access. Once inside an organization’s network, the hackers can steal data, send malicious emails to other targets, or install additional malware.

According to Mandiant, the hackers have been targeting businesses in a range of industries, including government, trade, and academia, since at least October. In certain situations, hackers were able to keep access to target networks even after Barracuda patched the flaw. The hackers used new strains of malware to adapt and maintain their presence in the victim’s network.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an updated notice recommending that firms properly examine any indicators of compromise. Mandiant also advised that all impacted organizations replace infected devices and undertake rigorous network audits to uncover any residual hacker presence.

The sources for this piece include an article in Axios.
