The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracuda ESG zero-day exploit and backdoors In late May, Barracuda warned that attackers have been exploiting the (then zero-day) vulnerability in Barracuda Networks’ ESG physical appliances. As previously specified by Mandiant, the threat actors then set up a reverse shell backdoor on the appliances, … More
The post New persistent backdoor used in attacks on Barracuda ESG appliances appeared first on Help Net Security.