Barracuda trades malware-affected ESGs for free
Attackers recently exploited a vulnerability in Barracuda Email Security Gateways (ESG). In some cases, the attackers were able to place malware that is still active after an update. Barracuda informs affected customers and even replaces the ESGs free of charge. In a statement, Barracuda explains the situation regarding security gaps and Email Security Gateway (ESG). The detailed vulnerability described is explained under CVE-2023-2868. The provided update is also recommended there. In addition, security specialist Mandiant investigated the incident and wrote an interesting blog post. In it, Mandiant leads…