Barracuda, a provider of email and network security solutions, issued a warning to its customers today that a zero-day vulnerability had been exploited to compromise some of their Email Security Gateway (ESG) equipment last week.
The email attachment scanning module had a flaw that was uncovered on Friday, May 19th. On May 20 and 21, two security fixes were implemented to fix the problem. Even though the vulnerability was fixed over the weekend, Barracuda informed on Tuesday that some of its customers ESG equipment had been breached.
According to the company’s findings, the flaws lead to unauthorized access to a subset of email gateway appliances.” We have informed users whose appliances may have been affected by this through the ESG user interface. Barracuda has also contacted these customers directly.
Other products, like as the company’s SaaS email security services, were not vulnerable. Barracuda claimed that the scope of the probe did not extend to the client’s internal networks but only to their ESG product. As a result, the firm recommends that affected firms do an environmental evaluation to ensure that the threat actors have not migrated to additional network devices.
Barracuda did not respond to a follow-up email inquiring about the number of customers whose ESG appliances were compromised or whether or not their data was compromised. Barracuda fixed a login problem for EGD appliances and a flawed spam scoring algorithm that improperly rejected customer emails today.
Over 200,000 enterprises, including Samsung, Mitsubishi, Kraft Heinz, Delta Airlines, and others, employ Barracuda’s enterprise-grade security solutions, the company claims.
Barracuda Email Protection
Barracuda is a reputable security provider that offers a suite of user-friendly, cloud-based solutions, delivering security for emails, networks, data, and applications for a global customer base. Among its myriad services, Barracuda Essentials is a comprehensive email security solution that incorporates email protection, continuity, encryption, and optional additions like email archiving and Office 365 backup.
The email protection component serves as a secure gateway, blocking potential email threats before they infiltrate your network, Office 365, or G-Suite. This package is primarily targeted at small to medium-sized businesses, offering a unified solution for email security and data protection.
Key Features of Barracuda Email Protection
This cloud-hosted email security service boasts an array of features, providing extensive protection. It includes granular policy controls for administrators and robust filtering through virus scanning, spam scoring, and real-time analysis. Included within the core service is Advanced Threat Protection and URL scanning – features for which other providers might charge extra.
Barracuda Email Protection integrates seamlessly with Office 365, serving as an excellent supplementary service. Its pricing is cost-effective, and it provides robust technical support and management features. Additional Barracuda offerings, such as the Sentinel service, offer multi-layered defense against phishing and business email compromise.
Outbound Filtering and encryption safeguards businesses against data loss, while optional add-on modules, like Archiving and Continuity, enhance functionality. Customers have the ability to dictate the location of their data. The platform’s AI systems offer real-time protection against phishing attacks by recognizing and learning from business communication patterns. Administrators receive real-time notifications of security threats, and any malicious emails are promptly quarantined.
Conclusion
Barracuda Networks, a network security company, warned customers of a compromise in some Email Security Gateway (ESG) appliances. Threat actors exploited CVE-2023-2868, a zero-day vulnerability that was patched. The vulnerability was found in the email attachment screening module on May 19. Barracuda quickly released security updates on May 20 and 21. “On May 19, 2023, Barracuda identified a vulnerability in our Email Security Gateway appliance (ESG). On Saturday, May 20, 2023, all ESG appliances globally were patched to eradicate the vulnerability. The report added that “The vulnerability existed in a module which initially screens the attachments of incoming emails.”
Since hundreds of thousands of organizations, including some high-profile enterprises, use ESG equipment, this issue could have far-reaching ramifications. Barracuda says the issue does not affect its other products or SaaS email security services. The business found that the bug targeted a subset of email gateway appliances. Barracuda notified consumers via the ESG user interface of affected appliances. Users of affected appliances were notified via the ESG user interface. Barracuda also contacted these customers. Barracuda’s ESG product assessment did not include customers’ settings. The business advises affected organizations to check their networks for attacker-compromised systems.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.