Categories: US-Cert-Repository

CISA Releases IOCs Associated with Malicious Barracuda Activity

CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as early as October 2022 to gain access to ESG appliances.

Download the newly released IOCs associated with this activity:

IOCs Associated with Exploitation of Barracuda ESG Vulnerability CVE-2023-2868
(JSON, 85.34 KB
)

Review the following advisories for more information:

Barracuda: Barracuda Email Security Gateway Appliance (ESG) Vulnerability
Mandiant: Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)

See CISA Releases Malware Analysis Reports on Barracuda Backdoors for malware analysis reports (MARs) covering previously released IOCs and YARA rules and Barracuda Networks Releases Update to Address ESG Vulnerability.

Source link

admin

Next CISA and FBI Publish Joint Advisory on QakBot Infrastructure »

Previous « CISA Adds One Known Exploited Vulnerability to Catalog

This website uses cookies.

CISA Releases IOCs Associated with Malicious Barracuda Activity

Recent Posts

Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Releases Eight Industrial Control Systems Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Releases 10 Industrial Control Systems Advisories

CISA Adds Five Known Exploited Vulnerabilities to Catalog