Email security

Zero-day exploited to breach Barracuda email gateways

Share

BleepingComputer reports that some Barracuda Email Security Gateway instances have been compromised in attacks exploiting a zero-day vulnerability, which has already been patched in security updates issued over the weekend. No other Barracuda products have been impacted by the security flaw, according to Barracuda Networks, which has already informed users whose appliances may have been breached. Organizations using Barracuda ESG have been urged to conduct a review of their environments to ensure the safety of other network devices. "If a customer has not received notice from us via the ESG user interface, we have no reason to believe their environment has been impacted at this time and there are no actions for the customer to take," said Barracuda. Meanwhile, fixes have also been issued by Barracuda for a login issue and a faulty spam scoring logic in its Email Gateway Defense appliances.

Related

Cyberattack pilfers $250K from iLearningEngines

Such a disclosure from iLearningEngines, which comes months after questions regarding the legitimacy of its revenue figures surfaced, also follows a string of business email compromise attacks resulting in the theft of millions of dollars in recent months.

Email breach hits Library of Congress

While email correspondences between the Congressional Research Service and other Library staff and certain congressional offices between January and September had been compromised, such an intrusion — which was initially reported by NBC News — did not affect the House and Senate's IT networks and respective email accounts.

Related Events

Related Terms

Bring Your Own Device (BYOD)EavesdroppingEmail SpoofingInternet Message Access Protocol (IMAP)Post Office Protocol, Version 3 (POP3)SpamStore-and-Forward

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.