April 23, 2024

Barracuda: Immediately rip out and replace our security hardware

The URL ought to have given away that issues have been severe.

https://www.barracuda.com/firm/authorized/esg-vulnerability

Filed under "Legal"
Barracuda Networks filed the safety advisory underneath “Authorized”

After which there was the very eager try to underline the agency’s dedication to securing your information… they undoubtedly didn’t need you to overlook that.

Barracuda friendly

We’re dedicated to securing your information

The massive pleasant letters jogged my memory – fairly aptly – of the well-known phrases “Don’t panic!” on the entrance of the “HitchHiker’s Information to the Galaxy”…

However should you have been feeling a way of panic, I in all probability couldn’t blame you, as a result of safety agency Barracuda Networks is warning individuals of a safety vulnerability in its Electronic mail Safety Gateway (ESG) equipment.

However greater than that, Barracuda is taking the bizarre step for a community safety vendor of telling its clients to physically remove and decommission its hardware.

ACTION NOTICE: Impacted ESG home equipment should be instantly changed no matter patch model stage. When you’ve got not changed your equipment after receiving discover in your UI, contact assist now ([email protected]).

Barracuda’s remediation suggestion presently is full alternative of the impacted ESG.

That’s proper. Barracuda will not be telling you to use a patch to the equipment that scans your incoming and outgoing e-mail for malware. They need you to tear it out and change it as an alternative.

Signal as much as our free e-newsletter.
Safety information, recommendation, and ideas.

Clearly hackers have managed to use safety vulnerabilities on the Barracuda Electronic mail Safety Gateway equipment to such an extent that any patch merely isn’t as much as the job of kicking them out.

There are more likely to be 10,000+ Barracuda ESG home equipment in use all over the world. And it seems malicious exploitation of susceptible Barracuda ESG home equipment has been going down since not less than October 2022.

No marvel Barracuda is getting some authorized recommendation on learn how to talk this to its clients.

“Don’t panic?”

Discovered this text attention-grabbing? Follow Graham Cluley on Twitter or Mastodon to learn extra of the unique content material we put up.


Graham Cluley is a veteran of the cybersecurity business, having labored for numerous safety corporations for the reason that early Nineteen Nineties when he wrote the primary ever model of Dr Solomon’s Anti-Virus Toolkit for Home windows. Now an unbiased analyst, he often makes media appearances and is a world public speaker on the subject of cybersecurity, hackers, and on-line privateness.
Comply with him on Twitter, Mastodon, Bluesky, or drop him an e-mail.