all InfoSec news
New persistent backdoor used in attacks on Barracuda ESG appliances
Help Net Security www.helpnetsecurity.com
The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracuda ESG zero-day exploit and backdoors In late May, Barracuda warned that attackers have been exploiting the (then zero-day) vulnerability in Barracuda Networks’ ESG physical appliances. As previously specified by Mandiant, the threat actors then set up a reverse shell backdoor on the appliances, … More
The post …
agency analysis attackers attacks backdoor backdoors barracuda barracuda esg barracuda networks cisa command command injection cve cve-2023-2868 cybersecurity don't miss email email security email security gateway esg exploit exploiting gateway hot stuff infrastructure injection may persistent report security security gateway vulnerability zero-day zero-day exploit