If you look at the URL, you should know that things are serious.

https://www.barracuda.com/company/legal/esg-vulnerability

Barracuda Networks has filed its security advisory in the ‘legal’ section of its website.

And there was a very enthusiastic attempt to highlight the company’s commitment to protecting your data… they definitely didn’t want you to miss it.


We are committed to protecting your data

The big friendly letters reminded me, quite aptly, of the famous words “Don’t Panic!” on the cover of The Hitchhiker’s Guide to the Galaxy…

But if you’re panicking, I probably can’t blame you. That’s because security firm Barracuda Networks is warning people about security vulnerabilities in its Email Security Gateway (ESG) appliances.

But beyond that, Barracuda has taken the unusual step, for a network security vendor, of telling customers to physically remove and decommission their hardware.

Action Notice: Affected ESG appliances should be replaced immediately regardless of patch version level. If you haven’t replaced your appliance after receiving a notification in the UI, contact support now ([email protected]).

Barracuda’s current recommended remedy is to replace the affected ESG entirely.

That is correct. Barracuda isn’t telling you to patch the appliances that scan incoming and outgoing email for malware. It wants you to remove them and replace them.


Hackers have clearly exploited a security vulnerability in Barracuda Email Security Gateway appliances, and patches cannot drive them out.

There may be over 10,000 Barracuda ESG appliances in use worldwide. And malicious exploitation of vulnerable Barracuda ESG appliances appears to have been taking place since at least October 2022.

No wonder Barracuda has taken legal advice on how to communicate this to customers.

“Don’t Panic”?



Graham Cluley is a cybersecurity industry veteran who has worked for many security companies since the early 1990s, when he created the first version of Dr. Solomon’s Antivirus Toolkit for Windows. He is now an independent analyst who makes regular media appearances and is an international speaker on the subject of cybersecurity, hackers and online privacy.
