A suspected Chinese hacking group (tracked as UNC4841) continues to target compromised Barracuda appliances in government, high tech, and information technology sectors. The group originally targeted organizations worldwide by exploiting a zero-day vulnerability discovered in Barracuda Email Security Gateway (ESG). Mandiant initially detailed the 8-month-long espionage campaign in a blog post on June 15, 2023. The vulnerability, reported as CVE-2023-2868, allows for remote command execution on the target appliance while processing .tar files containing specially crafted file names.
[Read more…] about Chinese Hackers Continue Espionage Campaign Despite Barracuda Remediation