+7Another day, another breach.
This time threat actors have breached Barracuda ESG Appliances. If any folk as using these appliances, it might be worth giving them a check under direction of the vendor.
More here: Threat Actors Compromise Barracuda Email Security Appliances (darkreading.com)
+21Thanks for sharing Dips.
+4Thanks for the heads up.
"resulted in unauthorized access to a subset of email gateway appliances," -- big yikes 😓
+14Taking over an email security appliance with an attachment 😖
Thanks for sharing this
+7No problem
Turns out its been exploited since October 2022.
They’ve published more information here: https://www.barracuda.com/company/legal/esg-vulnerability
IOC’s are also available
+20Used to use Barracuda at my previous job...over 10yrs ago. Semi-decent appliance back in the day, tho was a bit simplistic (needed way more features). I don’t handle content-filtering in my current role/org..thankfully. Thanks for the share Dipen.
+7No problem. It does look quite bad. They are now recommending that the ESG appliances are replaced.
+20Eeek!
+22Wow Email Security Gateway too, talk about a bad place to get hit!
+7Wow Email Security Gateway too, talk about a bad place to get hit!
There is no safe space anywhere! 😱
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
