FBI confirms Barracuda patch is not effective for exploited ESG appliances

Categories: Exploits and vulnerabilities

Categories: News

Tags: Barracuda ESG

Tags: CVE-2023-2868

Tags: SEASPY

Tags: SUBMARINE

Tags: WHIRLPOOL

The FBI repeats the warning by Barracuda that all ESG appliances should immediately be replaced because the patch was ineffective.

(Read more…)

The post FBI confirms Barracuda patch is not effective for exploited ESG appliances appeared first on Malwarebytes Labs.

Read more

Compromised Barracuda appliances equipped with persistent backdoors by attackers

Categories: Exploits and vulnerabilities

Categories: News

Tags: Barracuda

Tags: ESG

Tags: CVE-2023-2868

Tags: SUBMARINE

Tags: SEASPY

Tags: shell

CISA has released three reports based on the analysis of backdoors planted on compromised Barracuda ESG appliances

(Read more…)

The post Compromised Barracuda appliances equipped with persistent backdoors by attackers appeared first on Malwarebytes Labs.

Read more

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Credit to Author: BrianKrebs| Date: Thu, 08 Jun 2023 20:17:06 +0000

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.

Read more