IT disaster recovery, cloud computing and information security news

The US CISA has issued a warning alert to organizations concerning a recently announced vulnerability in the Barracuda Email Security Gateway Appliance (ESG) which is being actively exploited.

The CISA warning reinforces the Barracuda Networks advisory on vulnerability (CVE-2023-2868) in which Barracuda advises their ESG customers to immediately replace impacted appliances.

CISA urges organizations to:

Review the Barracuda advisory and for all impacted customers to follow the mitigation steps as well as hunt for the listed indicators of compromise (IOCs) to uncover any malicious activity.

CISA also states that:

Barracuda customers who used enterprise privileged credentials for management of their Barracuda appliance (such as Active Directory Domain Admin or similar) should take immediate incident investigation steps to validate the use and behavior of all credentials used on the appliance. It is of utmost importance to verify that threat actors have not compromised customer enterprise networks via this entry vector.

Read the CISA advisory
Read the Barracuda advisory


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.