Tag

Email Security Gateway

All articles tagged with #email security gateway

cybersecurity2 years ago•2 min saved

Barracuda Zero-Day Attacks: Chinese Hackers Target US Government and Telecom

Suspected Chinese hackers targeted government and government-linked organizations worldwide in a series of zero-day attacks on Barracuda Email Security Gateway (ESG). A Mandiant report revealed that almost a third of the hacked appliances belonged to government agencies, with a focus on entities across the Americas. The attacks, motivated by espionage, involved the exfiltration of data from high-profile users in government and high-tech sectors. Barracuda issued patches for the vulnerability on May 20 but later discovered that the zero-day bug had been exploited for at least seven months. The FBI warned that the patches were ineffective, and compromised devices are still being targeted. Customers are advised to replace hacked appliances and investigate their networks for potential breaches.

via BleepingComputer|

#barracuda #chinese-hackers #cybersecurity

cybersecurity2 years ago•2 min saved

Barracuda Urges Immediate Replacement of Vulnerable Email Security Appliances.

Barracuda Networks urged its Email Security Gateway (ESG) customers to replace affected appliances instead of patching them after discovering a zero-day vulnerability that allowed attackers persistent backdoor access to the devices. The company said the malware was identified on a subset of appliances, and evidence of data exfiltration was identified on some systems. Experts suggest that the malware was able to corrupt the underlying firmware that powers the ESG devices in some irreparable way, indicating a state actor. Barracuda advises customers to rotate any credentials connected to the appliance(s) and check for signs of compromise dating back to at least October 2022.

via Krebs on Security|

#barracuda-networks #cybersecurity #email-security-gateway