CVE-2023-2868 Flaw: Total Compromise of Physical Barracuda ESG Appliance.
In a stunning public announcement, global security company Barracuda Networks issues a security advisory and notification on June 6th requesting all their clients pivot from a patch to a complete replacement of their Barracuda(ESG) product because of persistent malware from threat actors exposing access even after applying the correct patch version level.
Unable to resolve the malware issue causing attacker access even with software updates, Barracuda said, “Barracuda’s remediation recommendation is a full replacement of the affected ESG.” The CVE-2023-2868 creates backdoor access for hackers with no solution expected shortly.
Moving from an ESG on-premise application to a mature, cloud-based solution powered by artificial intelligence can be done in minutes. Trustifi, a global email security platform based in the cloud, delivers a secure and reliable advanced security platform with several protection layers integrated into a single console with the experience of assisting clients with their migration strategy.
What does it take to move from Barracuda to Trustifi advanced-AI email security?
Got 15 minutes?
Why Must You Move Quickly to Replace Your ESG from Barracuda?
Email security devices scan every inbound and outbound email message coming into the organization to help stop business email compromise, ransomware from zero-day vulnerabilities, and all types of malware affecting users. With security-compromised devices like the Barracuda email security gateway, this critical vulnerability will expose thousands of the organization’s emails, including personal data and intellectual property, to hackers, phishers, and cyber criminals.
With a compromised Barracuda ESG device, all outbound emails containing financial information, employee records, or company trade secrets are no longer secure.
How to Move Your ESG Device to Trustifi Cloud Email Security?
Migrating to the Trustifi email security platform from ESG requires very few steps. Most clients can migrate within 15 minutes without an MX record change or extensive professional services engagement.
Trustifi allows you to onboard your users in various ways.
When considering which onboarding method to choose, consider the following factors:
- How many users will be onboarded (view both the initial POC phase and the eventual number of users)?
- Whether they will connect your plan to the Email Relay or just use the add-in for Outlook/Gmail, you control how much you like to have over the process (as the plan admin).
Inbound Email Relay
Overview
This architecture involves Trustifi setting up mail flow connectors in the organization’s email environment to route incoming email traffic to Trustifi before the emails arrive at the recipient’s mailbox.
In email environments that support the creation of custom mail-flow rules, such as Office 365 and Google Workspaces, Trustifi also supports this technical and architectural requirement. Establishing outbound connectors for exchange requires the creation of specific rules. Email administrators accessing the Trusifi configuration wizard can create the necessary connectors.
Trustifi’s automatic install wizard seamlessly integrates with your existing O365 or Google Workspace infrastructure, ensuring a smooth transition without disrupting your workflow.
This architecture involves Trustifi setting up an outbound (send) connector in the organization’s email environment to route mail flow to Trustifi’s secure SMTP relay.
Trustifi will then process the email and send it out using Trustifi’s MTA via Amazon SES.
Step 1: Set Outbound Connectors
Step 2: Set Email Domains
Step 3: Configure Email Flow Rule
Advanced cloud-based email systems like Office 365 and Google Workspaces also allow the creation of custom mail flow rules to control the traffic routing to Trustifi. This can be used for a limited-scope deployment or a proof of concept/trial.
API integration
Overview
Using the Microsoft Graph API, organizations using Office 365 can use Trustifi to scan inbound emails without making architectural mail-flow changes.
The integration process is swift – all that is required is to enable the API integration from the Trustifi portal using the Office365 admin’s credentials and then selecting which mailboxes in the organization should be protected.
When an email enters a protected mailbox, the API will immediately move it away to the “Archive” folder while Trustifi is scanning it. Once the scan process is completed, emails that should not be quarantined will be returned to the inbox.
Outbound integration
Trustifi’s security solutions can be seamlessly integrated into an organization’s email environment, providing a secure and encrypted email communication channel, enabling the application of custom Data Loss Prevention (DLP) rules and policies, and monitoring suspicious user activity.
The User Onboarding Process with Trustifi
Trustifi’s support staff does the most significant part of this process; all the admin must provide support with a list of the users to be onboarded.
There are several requirements for this list:
- The list must be in a .csv (Comma-Separated Values) file format.
- The first row must contain the following headers: email, name, password, country_code, phone_number.
- The fields “email” and “name” are mandatory Trustifi will generate a random password for the user. The user will be able to reset this password.
Trustifi support will verify the list’s integrity and use it to onboard all provided users simultaneously.
The user must click on the provided link to use his Trustifi account (if the user’s domain is verified, they will not receive this email).
A “Welcome” email contains information about their account. If the user has a randomly generated password, they can reset it through a link.
Frequently Asked Questions(FAQ)
Will the Email Relay apply to everyone in my domain?
Only if you want to, during the configuration process, can you choose whether Email Relay should apply to all domain users, specific groups, or select users only.
Will the Email Relay automatically encrypt all my emails?
No. While emails sent via Email Relay will be delivered using a secure channel, the default will not encrypt the content. It will only encrypt emails according to rules and policies set up by the admin.
“I received a “Welcome” email from Trustifi. What does this mean?”
It means that a Trustifi account has been created for you. By clicking on the “Create a new password” link in this email, you can set a password to access the Trustifi web app or Gmail add-in. Please note that this is not mandatory; you may continue sending emails through the Email Relay without creating a password.
Trustifi World-Class Email Security Features at your Fingertips in Minutes.
Trustifi, a global leader in cloud-based email security, understands the resource and budget challenges for many SMBs and mid-enterprise organizations facing malware, ransomware, or replacing existing legacy email solutions.
Trustifi’s fully integrated protection layers managed by a single console include:
- Inbound Shield Protection with AI and ML Maturity Engines
- Outbound Shield Protection with email encryption, data tokenization, and data loss prevention (DLP)
- Multi-factor authentication for further message projects and integration with Zero Trust Architectures
- Account Compromise Detection – Stop Attacks on Email Accounts, Neutralize Compromised Accounts, and Get Reporting, Automatically
Need Additional Security Resources or a Managed Service?
Many firms seeking to move off the existing Barracuda ESG seek managed services offerings to help manage and handle email security operations. Trustifi’s managed email detection and response service is an idea for small-to-medium(SMB).
Trustifi Managed Email Detection and Response Service includes
- Access to Trustifi email security experts to assist with policy enablement and incident response.
- Adaptation of security to comply with companies’ regulations/compliances
- Custom DLP/encryption rules and policy creation
- Incidence response to minimize damage
- Monthly reporting of all incidents, findings, actions taken, and recommendations
Why Trustifi?
Trustifi is a cyber security firm featuring solutions delivered on software as a service platform. Trustifi leads the market with the easiest-to-use and deploys email security products, providing both inbound and outbound email security from a single vendor.
As a global cybersecurity provider of both inbound and outbound email protection, Trustifi currently supports customers from countries including the USA, Canada, Brazil, the Dominican Republic, the UK, the Netherlands, India, the UAE, China, and Japan, Cyprus, the Philippines, and more. The company has also developed “One-Click Compliance” capabilities that cater to world security regulations, including PDPO for Hong Kong, POPI for South Africa, GDPR for Europe, and LGPD for Brazil.
