Barracuda Zero-Day Attacks Target U.S. Government

  • A China-based hacking group called UNC4841 exploited a zero-day vulnerability in Barracuda’s Email Security Gateway (ESG) to target U.S. government bodies.
  • The Federal Bureau of Investigation issued a flash alert claiming that several appliances remained at risk.

Barracuda Networks and Google’s Mandiant have revealed that a zero-day vulnerability in Barracuda’s Email Security Gateway (ESG) was exploited extensively by a China-based hacking group called UNC4841. The group largely targeted government organizations in the U.S. and Canada.

The vulnerability, tracked as CVE-2023-2868, has reportedly been exploited since late 2022, although it became widely known only in May 2023. Barracuda released a patch soon after, but the fix was eventually deemed ineffective, forcing the company to advise affected organizations to discard vulnerable devices.

The zero-day vulnerability allows remote command injection on some Barracuda ESG devices, which account for approximately 5% of all installations, giving attackers remote code execution (RCE) capabilities with higher privileges.

While Mandiant and Barracuda have claimed that there has been no exploitation of the vulnerability since the patch, the…
