CISA: CISA Releases IOCs Associated with Malicious Barracuda Activity
CISA Releases IOCs Associated with Malicious Barracuda Activity
CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as early as October 2022 to gain access to ESG appliances.
Download the newly released IOCs associated with this activity:
Review the following advisories for more information:
- Barracuda: Barracuda Email Security Gateway Appliance (ESG) Vulnerability
- Mandiant: Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
See CISA Releases Malware Analysis Reports on Barracuda Backdoors for malware analysis reports (MARs) covering previously released IOCs and YARA rules and Barracuda Networks Releases Update to Address ESG Vulnerability.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.