Security researchers at Mandiant say China-backed hackers are likely behind the mass-exploitation of a recently discovered security flaw in Barracuda Networks’ email security gear, which prompted a warning to customers to remove and replace affected devices. From a report: Mandiant, which was called in to run Barracuda’s incident response, said the hackers exploited the flaw to compromise hundreds of organizations likely as part of an espionage campaign in support of the Chinese government. Almost a third of the targeted organizations are government agencies, Mandiant said in a report published Thursday.

Last month, Barracuda discovered the security flaw affecting its Email Security Gateway (ESG) appliances, which sit on a company’s network and filter email traffic for malicious content. Barracuda issued patches and warned that hackers had been exploiting the flaw since October 2022. But the company later recommended customers remove and replace affected ESG appliances, regardless of patch level, suggesting the patches failed or were unable to block the hacker’s access. In its latest guidance, Mandiant also warned customers to replace affected gear after finding evidence that the China-backed hackers gained deeper access to networks of affected organizations.

Read more of this story at Slashdot.

Source: Slashdot – Mandiant Says China-backed Hackers Exploited Barracuda Zero-Day To Spy on Governments