Barracuda, a prominent enterprise security firm, recently shared details regarding a serious vulnerability that malicious actors had leveraged to compromise its Email Security Gateway (ESG) appliances since October 2022.
What does Barracuda do?
Barracuda is a global company that provides security solutions for emails, applications, cloud, network and data. Services range from threat scanners and automated incident response to web application firewalls and data backup.
Tell me more about the Barracuda zero-day
The Barracuda zero-day, recognized under the tracking code CVE-2023-2868, was exploited for about seven months before Barracuda identified the vulnerability on May 19, 2023.
The security flaw affects certain versions of the ESG appliances and could potentially enable remote attackers to execute harmful code on susceptible installations.
The company discovered that unauthorized access had been gained on a subset of its ESG appliances and found evidence of malware that created persistent backdoor access, as well as indications of data exfiltration.
Barracuda, in collaboration with cybersecurity professionals, has identified three different malware strains used in these cyberattacks:
The company quickly released patches to address the zero-day vulnerability.
What is Nuspire doing?
Nuspire is not affected by this vulnerability; however, the company actively threat hunts within client environments for indications of compromise.
What should I do?
Considering the severe implications of this vulnerability, organizations should review the following recommendations: