Barracuda Zero-Day Attacks: Chinese Hackers Target US Government and Telecom
Suspected Chinese hackers targeted government and government-linked organizations worldwide in a series of zero-day attacks on Barracuda Email Security Gateway (ESG). A Mandiant report revealed that almost a third of the hacked appliances belonged to government agencies, with a focus on entities across the Americas. The attacks, motivated by espionage, involved the exfiltration of data from high-profile users in government and high-tech sectors. Barracuda issued patches for the vulnerability on May 20 but later discovered that the zero-day bug had been exploited for at least seven months. The FBI warned that the patches were ineffective, and compromised devices are still being targeted. Customers are advised to replace hacked appliances and investigate their networks for potential breaches.
- US govt email servers hacked in Barracuda zero-day attacks BleepingComputer
- Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868) Mandiant
- Chinese APT Was Prepared for Remediation Efforts in Barracuda ESG Zero-Day Attack SecurityWeek
- Barracuda Attackers Targeted Governments Across U.S.: Researchers CRN
- Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom The Hacker News
- View Full Coverage on Google News
Reading Insights
0
0
2 min
vs 3 min read
80%
571 → 116 words
Want the full story? Read the original article
Read on BleepingComputer