Mandiant Warns Hackers Are Still Targeting Barracuda Email Security Gateway Devices
SiliconANGLE , Tuesday, August 29,2023
Researchers at Google LLC-owned cybersecurity firm Mandiant today warned that alleged Chinese attackers have and are continuing to target a zero-day vulnerability in Barracuda Networks Inc. devices successfully.
The vulnerability in Barracuda's Email Security Gateway, tracked as CVE-2023-2868, was patched in May. After the release of the patch, Mandiant and Barracuda did not identify evidence that any malicious actors were still actively exploiting the vulnerability, though a small number of ESG appliances were affected before the patch was released.
A month later, evidence emerged that the vulnerability was still being targeted, with Barracuda advising customers to replace vulnerable email security applications regardless of their patch status in order to address the attacks. 'If you have not replaced your appliance after receiving notice in your UI, contact support now,' the company wrote in an advisory. 'Barracuda's remediation recommendation at this time is full replacement of the impacted ESG.'