When it comes to zero-day vulnerabilities, it’s sometimes better to rip and replace an entire device, instead of patching the software.
That’s exactly the case for Barracuda, as a zero-day vulnerability in Barracuda Networks' Email Security Gateway (ESG) devices is now prompting the company to urge its customers to physically remove and decommission the affected hardware instead of relying on software updates.
The original vulnerability was discovered on May 19th, when Barracuda Networks discovered a flaw in their ESG software (used specifically on their hardware appliances). This vulnerability, labeled CVE-2023-2868, stemmed from the program not properly checking the names of files inside .tar files (a type of compressed file). Because of this, threat actors could name a file in a specific way that tricks the software into running a system command. This flaw was taken advantage of, and hackers used this method to access a subset of the Barracuda Email Security Gateway devices and apply malware.
Barracuda initially issued a patch on May 20th, 2023, but just weeks later on June 6th, the company changed its recommendation to full replacement of the affected appliances. The Barracuda advisory states that impacted ESG appliances must be replaced immediately, regardless of the patch level, and Barracuda will provide replacement products to affected customers at no cost.
Why exactly is Barracuda recommending full-scale replacement of devices in order to remediate the threat? Because, according to Barracuda, the malware targeting Barracuda's email security appliances is so deeply embedded at the firmware level that patching software is not an option.
Barracuda states that approximately 5% of active ESG appliances worldwide have shown evidence of compromise due to the vulnerability, and an estimated 11,000 devices remain vulnerable. While no evidence suggests lateral movement within victim networks, there is concern that foreign cyberspies may have been accessing and exfiltrating email data for several months.
Switching to a different email security service can help mitigate the risks associated with a known vulnerability that is actively being exploited. Given the severity of the situation and the compromised state of Barracuda's ESG devices, it’s a good time for customers to consider alternative email security solutions - like Virtru.
Different from Barracuda’s hardware-based approach, Virtru’s Data Protection Gateway is a software-based product. This means that Virtru is easier to deploy, less expensive to maintain, and more resilient in the face of emergent cybersecurity threats. Virtru’s flexible deployment options include direct integrations within Gmail and Microsoft Outlook and/or server-side controls which can protect your entire organization.
Depending on your requirements, Virtru’s Data Protection Gateway can be hosted within our SaaS-based Data Security Platform, run in your own private data center, or run inside of your preferred cloud on hardware that conforms to your organization’s best security practices.
Virtru offers the exact same industry-leading recipient experience across its entire portfolio of solutions - including email encryption, encrypted file sharing, and more. No portals, no new passwords, no new accounts. The end user sending and receiving experience is seamlessly and elegantly integrated into existing solutions you and your business partners use every day. Virtru is designed to be intuitive and straightforward, reducing the need for extensive user training or skillsets.
Virtru incorporates its sophisticated features directly within your existing digital workspaces. Users can access, send, and manage encrypted content through their regular email, cloud, and other common platforms. Virtru Data Loss Prevention (DLP) enhances inbound and outbound email protection by scanning email content in real-time, and applying encryption only when sensitive data is detected. With deep content inspection, the process is automatic, causing no disruption to user workflows.
Virtru’s Data Protection Gateway secures more than just email. With SaaS application integration, you can secure communications both internally and to external stakeholders when leveraging 3rd-party SaaS solutions like Salesforce, Zendesk, and more.
Virtru offers you the ability to secure your data internally and externally. This level of protection gives organizations - small or enterprise - the flexibility to leverage the industry-standard SaaS solutions for their needs, without compromising on data security.
If your organization has been impacted by the Barracuda email gateway zero-day vulnerability — or if you’re just evaluating other options for securing email workflows — Virtru can help. With packages to accommodate small businesses to enterprise level operations, find out exactly how flexible Virtru can be for your organization today.
For qualified customers, we’re offering a FREE for 3 month trial of our Data Protection Gateway.
Contact our team today to start the conversation and get your free access.
Contact us to learn more about our partnership opportunities.