WASHINGTON–The FBI is urging the immediate removal of previously hacked email security appliances made by Barracuda Networks, saying they have been exploited by Chinese hackers.
The recommendation was made in a flash alert, in which the FBI said it has determined that Chinese hackers have made the patches from Barracuda designed to fix a zero-day vulnerability largely ineffective.
"The FBI continues to observe active intrusions and considers all affected Barracuda ESG appliances to be compromised and vulnerable to this exploit," the flash alert said. "Barracuda customers should remove all ESG appliances immediately," the warning also says.
An Earlier Warning
Barracuda had earlier told the owners of hacked Email Security Gateway appliances they needed to move quickly to replace the equipment regardless of whether they had applied patches to fix the vulnerability.
Barracuda confirmed it has seen continued malicious activity on compromised appliances even after they had been updated with security fixes.
How to Get the Daily CU News Headlines In Your Inbox Each Day, For Free!
The biggest, best and freshest news reporting in credit unions remains free in ’23! Each morning CUToday.info delivers its daily Fresh Today news update offering the latest headlines and breaking news right to your email, with the easy-to-read headlines format allowing you to click on the stories that interest you most in order to learn more.
If you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time—and it’s free!
Please note that after signing up you may need to go to your Spam/Junk folder and mark the morning headlines email as safe. CUToday.info does not provide its list of readers and emails to outside parties, and we will not be contacting you to sell you an extended warranty or sending you any links so you may cash in on an inheritance you didn’t know was coming.
And did we mention it’s free?
Please note and/or make your IT department or email administrator aware the emails will be coming from the domains CUTodayinfo.com and CUTodayinfoReply.com.