Barracuda, a large cybersecurity company was hacked

Barracuda said that some of its customers using the Email Security Gateway were affected by an attack that occurred the previous week and exploited a zero-day vulnerability present in the device.

In its announcement, the cybersecurity vendor did not provide any information on the number of customers affected. Barracuda disclosed this information in an article published on Tuesday, stating that the vulnerability was found on May 19 and that the company applied a fix “to all ESG devices worldwide” the next day. On May 21, a second patch was applied to all Email Security Gateway computers in use.

According to what the investigation has discovered thus far, the vulnerability “caused unauthorized access to a subset of Email Security Gateway devices.” Barracuda has reportedly spoken to all of its affected customers. According to Barracuda, the enterprise-grade security solutions it offers today are used by more than 200,000 organizations worldwide. These companies include Samsung, Mitsubishi, Kraft Heinz, Delta Airlines, and other well-known companies.

The vulnerability, which has been assigned the tracking number CVE-2023-2868, is in the module that is responsible for filtering email attachments. Because affected Email Security Gateway (ESG) appliances are used by hundreds of thousands of companies around the world, including some prominent companies, the issue has the potential to have a substantial effect.

Other Barracuda products are not affected by the vulnerability, and the company has said that its SaaS email security services are not affected by this issue.

The organization conducted an investigation into the vulnerability and found that it had been used in an attack against a subset of Email Security Gateway computers. The company informed customers whose appliances they believed were affected by sending a message through the ESG user interface.

Barracuda advised its affected customers in a blog post to “check your surroundings and determine any additional actions you wish to take.”

He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He has also worked for security companies such as Kaspersky Lab. His daily work includes investigating new malware and cybersecurity incidents. He also has a deep level of knowledge in mobile security and mobile vulnerabilities.

Send news tips to [email protected] or www.instagram.com/iicsorg/

You can also find us on Telegram www.t.me/noticiasciberseguridad