Barracuda ESG Appliances Compromised | Veeam Community Resource Hub

Another day, another breach.

This time threat actors have breached Barracuda ESG Appliances. If any folk as using these appliances, it might be worth giving them a check under direction of the vendor.

More here: Threat Actors Compromise Barracuda Email Security Appliances (darkreading.com)

Thanks for sharing Dips.

Thanks for the heads up.

"resulted in unauthorized access to a subset of email gateway appliances," -- big yikes 😓

Taking over an email security appliance with an attachment 😖

Thanks for sharing this @dips

No problem @regnor

Turns out its been exploited since October 2022.

They’ve published more information here: https://www.barracuda.com/company/legal/esg-vulnerability

IOC’s are also available

Used to use Barracuda at my previous job...over 10yrs ago. Semi-decent appliance back in the day, tho was a bit simplistic (needed way more features). I don’t handle content-filtering in my current role/org..thankfully. Thanks for the share Dipen.

No problem. It does look quite bad. They are now recommending that the ESG appliances are replaced.

Eeek!

Wow Email Security Gateway too, talk about a bad place to get hit!

There is no safe space anywhere! 😱

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded