Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day
December 27, 2023 at 06:12AM China-linked hackers are persistently targeting Barracuda Email Security Gateway (ESG) appliances. In May 2023, a zero-day vulnerability, CVE-2023-2868, was used to deliver malware and steal data, attributed to cyberespionage group UNC4841. Subsequently, a new zero-day vulnerability, CVE-2023-7102, impacting the ‘Spreadsheet::ParseExcel’ library, was exploited to deliver new malware variants. Barracuda issued … Read more