There are a TON of small shops using the ESG boxes that will not have the
budget or the man power on site to swap these out quickly, some don't even know
there is an issue because an MSP set it up 5 years ago and they don't have
anyone in house who is doing maintenance on it. I have a feeling this is only
going to get worse as time goes by since the only fix is full rip and replace.
MEGA bad indeed.
From: cpageeks-bounce@xxxxxxxxxxxxx <cpageeks-bounce@xxxxxxxxxxxxx> On Behalf
Of Ken Pyle
Sent: Friday, June 9, 2023 9:33 AM
To: cpageeks@xxxxxxxxxxxxx
Subject: [CPAGeeks] Re: Oof - Barracuda Incident Report
[EXTERNAL]
They're recommending total replacement of the appliance / machine.
Actors have survibability and persistence.
Mega bad.
________________________________
From: cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>
<cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>> on behalf
of Craig S. Anteman
<dmarc-noreply@xxxxxxxxxxxxx<mailto:dmarc-noreply@xxxxxxxxxxxxx>>
Sent: Friday, June 9, 2023 7:39 AM
To: cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>
<cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>>
Subject: [CPAGeeks] Re: Oof - Barracuda Incident Report
I don't know enough about Barracude products, but I seem to recall that their
ESG products has some secure email capabilities.
Perhaps that is part of their Saas email security services.
pretty scary to think about.
________________________________
[TBC]
7 Washington Square, Albany, NY 12205
Ph: 518-456-6663 Fax: 518-456-3975
E-Mail: CAnteman@xxxxxxxxxx<mailto:CAnteman@xxxxxxxxxx>
Connect with us:
[LinkedIn]<https://www.linkedin.com/company/teal-becker-&-chiaramonte-cpas-p.c.>
[Twitter]<https://twitter.com/TBC_CPAs>
[https://us-api.mimecast.com/s/store/dDyM2JnLgX9hN4gBwp6l3wcHl5WPV6BKIpZTi5frDe2-SFPtLsKZOfsKtYdszK-jZ47XfcRV2KTEgSVUgyeqI-P8nqbsp20k7gHWf7JhlrxBWpzR2wpTdoq0hcgor2CboeTPmSgTwGUj3B44jwbI4mIJgeTvV1-S6I2sjUygoNNgByQrqlTPQ26nJckj2SuF]<https://www.facebook.com/TBCCPA>
[Make a Payment]<https://www.tbccpa.com/pay/>
[https://us-api.mimecast.com/s/store/gLEsLmrd3Y-oRcYLw8UPQVSa4Wpm5aWkCKdbSdh0E4ZoGnWEMtD9cfGmiDklNNpcCAEZhVbMdn-QohbZ4lTHvMlBYotB7odhAMLUZOcHW0h8smmuwPzYUQELhsUZMmEPv_QiKmeUYQqdjEN2m7rrmi9yZafUHHOKM7YJei7J6EKmVT-AiJHbtFgefFsYYBuA]
[https://us-api.mimecast.com/s/store/aAnxMhtIAIegyIsmzeIXH6pRqRJJ2-_ola9Og5EyGk-u0bm4hnIrlA1diCU3cZIEFD1Im0N26giSn11FlR3MYmOx0KGmqUaWYnJgKUxc4ecCaM4TP2YWW2FoOyxuXrZ-LOss25gIGNDYR2cOa14WaxFv6ar4VBtW1aLLd9RXjIbLEBbTeyN6o0pwsoYjC3Hv]
[Inside Accounting Top 300]
NOTICE. This electronic message and any attachments are the confidential
information and property of the sender. The information in this email and any
attachments may only be used by the person to whom this email is addressed. Any
intercepting, copying, accessing, distributing or disclosing of this email or
any attachments by any other person is prohibited. The sender takes no
responsibility for any unauthorized reliance on this email or any attachments
or for the presence of any viruses. Please check all attachments for viruses.
If you are not the addressee listed in this email or have received this email
in error, please notify the sender immediately and delete this email from your
system. Do not forward this email or any attachment without the sender's
permission.
On Thu, 2023-06-08 at 19:52 +0000, Michael W. Chesnutt wrote:
Seems like they have it on lock pretty well, but if you're running any
Barracuda ESGs, might be worth a look:
https://www.barracuda.com/company/legal/esg-vulnerability?mkt_tok=ODQwLU9TUS02NjEAAAGMO4RMlOkWn9MJs5yUsZ6bd5uQdBu-vZTUTq_TMRMDum1RhaMiqfYlf1Mr4nIkTsy_fnrVLVB8WoMiVewv5Oww9GsYPbwPGa-8xqF703S8tJjbQA
(easily findable via a google search if you would prefer not to click on a link)
Thank you,
Michael W. Chesnutt
IT Director
mchesnutt@xxxxxxxxxx<mailto:mchesnutt@xxxxxxxxxx>
Machen McChesney
1820 E. University Dr.
Auburn, AL 36830
334.887.7022: Office | 334.246.1354: Cell
http://www.machen.cpa<https://url.emailprotection.link/?bvHZZ7D6rnzu0yxbRMFxm_SGTjt4h3lFkhbw9GeWFA2KxIuPBakOLEBmTRtajm2jvng_G19RjdawSo_iwXTbhfA~~>
Send a file to Machen McChesney, LLP
securely:https://www.clientaxcess.com/sharesafe/#/machenmcchesney<https://url.emailprotection.link/?b911SsVppwyn0j6ZzackQ-jvQNRi-kT9IapB6ZYS5Buv4DaUBhPy4HU0pRlpls7pwPmm_LZiqDs-nHw1O1l5MZC0iAmkzizIOb-8-bLHN3eYmVz1Ue2sFjWTgz2AYt0ek>
Access your client
Portal:https://www.clientaxcess.com/#/login<https://url.emailprotection.link/?b7UE2yfMelFt9Xz7NIwUT9_RchFUPzVHWl0HLo4HrovsPmlms-ywKzgQKSrbyo1G64_lswoaU_N6L6Fon7x19IQ~~>
IMPORTANT: This electronic mail message and any attached files contain
information intended for the exclusive use of the individual(s) or entity to
whom it is addressed and may contain information that is proprietary,
privileged, confidential and/or exempt from disclosure under applicable law.
If you are not the intended recipient, you are hereby notified that any
viewing, copying, disclosure or distribution of this information may be subject
to legal restriction or sanction.
Please notify the sender, by electronic mail or telephone, of any unintended
recipients and delete the original message without making any copies.
--
Craig Anteman
Director of Infrastructure and Security
Teal, Becker & Chiaramonte, CPAs, PC
________________________________
This e-mail contains legally privileged and confidential information intended
only for the individual or entity named within the message. If the reader of
this message is not the intended recipient, or the agent responsible to deliver
it to the intended recipient, you are hereby notified that any review,
dissemination, distribution or copying of this communication is prohibited. If
this communication was received in error, please notify us by reply e-mail and
delete the original message. It is outside of our internal security procedures
to email documents containing personal information. Please be aware that any
email sent with your documents is not secure. By accepting this email you agree
to remove all file security liability from Berman Hopkins for such documents
sent at your request. Please consider using our secure client portal to
transmit sensitive documents containing personal information.
