#1 Trusted Cybersecurity News Platform Followed by 3.76+ million
The Hacker News Logo
Subscribe to Newsletter
CrowdSec

Barracuda | Breaking Cybersecurity News | The Hacker News

Barracuda Urges Immediate Replacement of Hacked ESG Appliances

Barracuda Urges Immediate Replacement of Hacked ESG Appliances

Jun 08, 2023 Email Security / Vulnerability
Enterprise security company Barracuda is now urging customers who were impacted by a recently disclosed zero-day flaw in its Email Security Gateway (ESG) appliances to immediately replace them. "Impacted ESG appliances must be immediately replaced regardless of patch version level," the company  said  in an update, adding its "remediation recommendation at this time is full replacement of the impacted ESG." While the company did not disclose the reasons behind the move, it's likely an indication that the threat actors behind the campaign managed to tamper with the firmware on a much deeper level that a patch cannot completely address. The latest development comes as Barracuda  disclosed  that a critical flaw in the devices (CVE-2023-2868, CVSS score: 9.8) had been exploited as a zero-day for at least seven months since October 2022 to deliver bespoke malware and steal data. The  vulnerability  concerns a case of remote code injection affecting versions 5.1
Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months

Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months

May 31, 2023 Network Security / Zero Day
Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway (ESG) appliances had been abused by threat actors since October 2022 to backdoor the devices. The latest  findings  show that the  critical vulnerability , tracked as  CVE-2023-2868  (CVSS score: N/A), has been actively exploited for at least seven months prior to its discovery. The flaw, which Barracuda identified on May 19, 2023, affects versions 5.1.3.001 through 9.2.0.006 and could allow a remote attacker to achieve code execution on susceptible installations. Patches were released by Barracuda on May 20 and May 21. "CVE-2023-2868 was utilized to obtain unauthorized access to a subset of ESG appliances," the network and email security company  said  in an updated advisory. "Malware was identified on a subset of appliances allowing for persistent backdoor access. Evidence of data exfiltration was identified on a subset of impacted appliance
cyber security

external linkSay Goodbye to SaaS Blind Spots: Wing Security Unveils Free Discovery Tool

websitewww.wing.securitySaaS Security / Attack Surface
Wing Security finds and ranks all SaaS applications completely for free, removing unnecessary risk.
Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

May 26, 2023 Email Security / Zero-Day
Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company's Email Security Gateway (ESG) appliances. The zero-day is being tracked as  CVE-2023-2868  and has been described as a remote code injection vulnerability affecting versions 5.1.3.001 through 9.2.0.006. The California-headquartered firm  said  the issue is rooted in a component that screens the attachments of incoming emails. "The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives)," according to an  advisory  from the NIST's national vulnerability database. "The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely exe
Cybersecurity Resources