www.csoonline.com
Open in
urlscan Pro
151.101.130.165
Public Scan
URL:
https://www.csoonline.com/article/3699255/act-government-falls-victim-to-barracuda-s-esg-vulnerability.html
Submission: On June 09 via manual from US — Scanned from DE
Submission: On June 09 via manual from US — Scanned from DE
Form analysis
1 forms found in the DOM<form class="gsc-search-box gsc-search-box-tools" accept-charset="utf-8">
<table cellspacing="0" cellpadding="0" role="presentation" class="gsc-search-box">
<tbody>
<tr>
<td class="gsc-input">
<div class="gsc-input-box" id="gsc-iw-id1">
<table cellspacing="0" cellpadding="0" role="presentation" id="gs_id50" class="gstl_50 gsc-input" style="width: 100%; padding: 0px;">
<tbody>
<tr>
<td id="gs_tti50" class="gsib_a"><input autocomplete="off" type="text" size="10" class="gsc-input" name="search" title="search" aria-label="search" id="gsc-i-id1" dir="ltr" spellcheck="false" placeholder="Start Searching"
style="width: 100%; padding: 0px; border: none; margin: 0px; height: auto; outline: none;"></td>
<td class="gsib_b">
<div class="gsst_b" id="gs_st50" dir="ltr"><a class="gsst_a" href="javascript:void(0)" title="Clear search box" role="button" style="display: none;"><span class="gscb_a" id="gs_cb50" aria-hidden="true">×</span></a></div>
</td>
</tr>
</tbody>
</table>
</div>
</td>
<td class="gsc-search-button"><button class="gsc-search-button gsc-search-button-v2"><svg width="13" height="13" viewBox="0 0 13 13">
<title>search</title>
<path
d="m4.8495 7.8226c0.82666 0 1.5262-0.29146 2.0985-0.87438 0.57232-0.58292 0.86378-1.2877 0.87438-2.1144 0.010599-0.82666-0.28086-1.5262-0.87438-2.0985-0.59352-0.57232-1.293-0.86378-2.0985-0.87438-0.8055-0.010599-1.5103 0.28086-2.1144 0.87438-0.60414 0.59352-0.8956 1.293-0.87438 2.0985 0.021197 0.8055 0.31266 1.5103 0.87438 2.1144 0.56172 0.60414 1.2665 0.8956 2.1144 0.87438zm4.4695 0.2115 3.681 3.6819-1.259 1.284-3.6817-3.7 0.0019784-0.69479-0.090043-0.098846c-0.87973 0.76087-1.92 1.1413-3.1207 1.1413-1.3553 0-2.5025-0.46363-3.4417-1.3909s-1.4088-2.0686-1.4088-3.4239c0-1.3553 0.4696-2.4966 1.4088-3.4239 0.9392-0.92727 2.0864-1.3969 3.4417-1.4088 1.3553-0.011889 2.4906 0.45771 3.406 1.4088 0.9154 0.95107 1.379 2.0924 1.3909 3.4239 0 1.2126-0.38043 2.2588-1.1413 3.1385l0.098834 0.090049z">
</path>
</svg></button></td>
<td class="gsc-clear-button">
<div class="gsc-clear-button" title="clear results"> </div>
</td>
</tr>
</tbody>
</table>
</form>
Text Content
Close Ad cso online GERMANY * United States * ASEAN * Australia * India * United Kingdom * Germany × search More from the Foundry Network * About Us | * Contact | * Republication Permissions | * Privacy Policy | * Cookie Policy | * European Privacy Settings | * Member Preferences | * Advertising | * Foundry Careers | * Ad Choices | * E-commerce Links | * California: Do Not Sell My Personal Info | * Follow Us * * * × Close * Barracuda urges customers to replace vulnerable appliances immediately * RELATED STORIES * Barracuda patches zero-day vulnerability exploited since October * SPONSORED BY Advertiser Name Here Sponsored item title goes here as designed * DXC Technology says global network is not compromised following Latitude... * 10 notable critical infrastructure cybersecurity initiatives in 2023 * Home * Security * Data Breach News ACT GOVERNMENT FALLS VICTIM TO BARRACUDA’S ESG VULNERABILITY THE ACT GOVERNMENT REVEALED IT IS RESPONDING TO A SECURITY BREACH IN THE E-MAIL GATEWAY SYSTEM PROVIDED BY BARRACUDA WITH THE POTENTIAL OF PERSONAL INFORMATION BEING IMPACTED. * * * * * * * By Samira Sarraf Regional Editor for Australia and New Zealand, CSO | 9 June 2023 0:51 mark higgins / Shutterstock The Australian Capital Territory government is one of the victims of a vulnerability found in Barracuda’s email security gateway (ESG). In a press conference on 8 June, ACT government chief digital officer Bettina Konti said there is a likelihood that some personal information is involved but the harms assessment needs to completed for that to be clear. Barracuda had first identified the CVE-2023-2838 vulnerability on 19 May issuing a patch worldwide on 20 May followed by a second patch on 21 May. A few days later, on 30 May, the vendor revealed the earliest identified evidence of exploitation took place in October 2022. Two days before the ACT government had revealed to be responding to a security breach, Barracuda posted a warning that impacted appliances must be replaced immediately. The vulnerability existed in a module which initially screens the attachments of incoming emails. ACT GOVERNMENT RESPONSE TO SECURITY BREACH Once the territory government detected the vulnerability the ACT Cyber Security Centre immediately completed a rebuild of the impacted Barracuda system to eliminate any ongoing vulnerability, the ACT government revealed in a statement. “The investigation has now identified that a breach has occurred and a harms assessment is underway to fully understand the impact specific to our systems, and importantly to the data that may have been accessed.” The territory government is confident that actions taken to date have contained the breach and that there is no ongoing threat, and instructed citizens can continue to use ACT Government online systems with confidence. The ACT government is working with the Australian Cyber Security Centre and Barracuda Networks on the ongoing investigation. Weekly updates are expected to be shared in a page dedicated to the incident. Next read this * The 10 most powerful cybersecurity companies * 7 hot cybersecurity trends (and 2 going cold) * The Apache Log4j vulnerabilities: A timeline * Using the NIST Cybersecurity Framework to address organizational risk * 11 penetration testing tools the pros use Related: * Data Breach With years of experience covering technology and business across the IT channel, Samira Sarraf managed the enterprise IT content at and wrote for the CIO.com, CSO Online, and Computerworld editions in Australia and New Zealand. She is now an editor with CSO Online global. Follow * * * * Copyright © 2023 IDG Communications, Inc. 7 hot cybersecurity trends (and 2 going cold) CSO Online CSO provides news, analysis and research on security and risk management Follow us * * * * About Us * Contact * Republication Permissions * Privacy Policy * Cookie Policy * European Privacy Settings * Member Preferences * Advertising * Foundry Careers * Ad Choices * E-commerce Links * California: Do Not Sell My Personal Info Copyright © 2023 IDG Communications, Inc. Explore the Foundry Network descend * CIO * Computerworld * CSO Online * InfoWorld * Network World CSO WANTS TO SHOW YOU NOTIFICATIONS -------------------------------------------------------------------------------- YOU CAN TURN OFF NOTIFICATIONS AT ANY TIME FROM YOUR BROWSER Accept Do not accept POWERED BY SUBSCRIBERS