Barracuda urges customers to remove and replace vulnerable hardware exploited by hackers
Reading Time: 2 minutesBarracuda Networks has told customers they must replace vulnerable email gateway appliances following the disclosure of a critical security flaw.
The technology company, which provides security, networking and storage products, is issuing the extraordinary guidance as it struggles to contain a zero-day flaw that hackers have exploited since October.
Hackers are abusing the critical-rated vulnerability, tracked as CVE-2023-2868, to install two types of malware, dubbed ‘Saltwater’ and ‘SeaSpy,’ which create a backdoor on vulnerable Barracuda Email Security Gateway (ESG) appliances that can be used to exfiltrate sensitive corporate data. ESG products are essentially firewalls for email, and are used for filtering inbound and outbound emails for potentially malicious content.
Barracuda said it first discovered the vulnerability on May 19 and deployed a patch ‘to all ESG appliances worldwide’ the following day. Another update was deployed on May 21.
This week, however, Barracuda added an ‘action notice’ to its advisory, urging all affected customers to replace ESG appliances impacted by the vulnerability, regardless of firmware version or patch level. According to Barracuda, affected customers have already been notified through breached ESGs’ user interface.
‘If you have not replaced your appliance after receiving notice… contact support now,’ Barracuda said. ‘Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG.’
‘The pivot from patch to total replacement of affected devices is fairly stunning and implies the malware the threat actors deployed somehow achieves persistence at a low enough level that even wiping the device wouldn’t eradicate attacker access,’ said Caitlin Condon, a security researcher at Rapid7.
In addition to replacing impacted devices, Barracuda is urging ESG customers to rotate any credentials connected to the appliances and to check for signs of compromise dating back to at least October 2022.
CISA, the U.S. government’s cybersecurity agency, added the Barracuda bug to its Known Exploited Vulnerabilities Catalog late last month and has urged federal agencies with ESG appliances to check their networks for evidence of breaches.
Read more:
- Another huge US medical data breach confirmed after Fortra mass-hack
- Shell Recharge security lapse exposed EV drivers’ data
- Microsoft to pay $20M settlement for illegally collecting children’s personal data
Ref: techcrunch
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG