Security News > 2023 > August > US govt email servers hacked in Barracuda zero-day attacks

Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security Gateway zero-day, with a focus on entities across the Americas.

Barracuda warned customers that the vulnerability was being exploited to breach ESG appliances on May 20, when it also patched all vulnerable devices remotely.

While Mandiant and Barracuda are yet to find evidence of new ESG appliances being compromised via CVE-2023-2868 exploits after they were patched, the FBI warned last week that the patches are "Ineffective," and that patched devices are still being compromised in ongoing attacks.

The U.S. federal law enforcement agency also reinforced Barracuda's warning to customers that they should isolate and replace hacked appliances as soon as possible, advised them to investigate their networks for potential breaches, and urged them to revoke and rotate enterprise-privileged credentials to thwart the attackers' attempts to maintain network persistence.

FBI warns of patched Barracuda ESG appliances still being hacked.

CISA: New Submarine malware found on hacked Barracuda ESG appliances.

News URL

https://www.bleepingcomputer.com/news/security/us-govt-email-servers-hacked-in-barracuda-zero-day-attacks/