[CPAGeeks] Re: Oof - Barracuda Incident Report

From: "JON LUKE HARVEY" <dmarc-noreply@xxxxxxxxxxxxx> ("JHarvey")
To: "cpageeks@xxxxxxxxxxxxx" <cpageeks@xxxxxxxxxxxxx>
Date: Fri, 9 Jun 2023 14:05:45 +0000

I don’t know whether to take that as a threat or a promise… either way I’m
excited!

Thank you,

Jon Luke Harvey
System Administrator

To send secure files click
here<https://www.landmarkcpas.com/client-secure-file-transfer/>

3101 South 70th Street, Fort Smith, AR 72903
479.484.5740 phone . 800.825.3608 toll free . 479.484.0670 fax
jharvey@xxxxxxxxxxxxxxxx | www.landmarkcpas.com
From: cpageeks-bounce@xxxxxxxxxxxxx <cpageeks-bounce@xxxxxxxxxxxxx> On Behalf
Of Ken Pyle
Sent: Friday, June 9, 2023 8:50 AM
To: cpageeks@xxxxxxxxxxxxx
Subject: [CPAGeeks] Re: Oof - Barracuda Incident Report

You will see it later this summer.

Heh.

Ken Pyle
M.S. IA, CISSP, HCISPP, ECSA, CEH, OSCP, OSWP, EnCE, Sec+
CYBIR.com

    Main: 267-540-3337<tel:267-540-3337>
    Direct: 484-498-8340<tel:484-498-8340>
    Email: kp@xxxxxxxxx<mailto:kp@xxxxxxxxx>
    Website: www.cybir.com<http://www.cybir.com/>

________________________________
From: cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>
<cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>> on behalf
of JON LUKE HARVEY
<dmarc-noreply@xxxxxxxxxxxxx<mailto:dmarc-noreply@xxxxxxxxxxxxx>>
Sent: Friday, June 9, 2023 9:46:48 AM
To: cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>
<cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>>
Subject: [CPAGeeks] Re: Oof - Barracuda Incident Report

A magician never reveals their secrets of course! 😉

Thank you,

Jon Luke Harvey

System Administrator

To send secure files click
here<https://www.landmarkcpas.com/client-secure-file-transfer/>

[cid:image001.png@01D99AB1.92810C40]
[cid:image002.png@01D99AB1.92810C40]
3101 South 70th Street, Fort Smith, AR 72903
[cid:image003.png@01D99AB1.92810C40]
479.484.5740 phone | 800.825.3608 toll free | 479.484.0670 fax
[cid:image004.png@01D99AB1.92810C40]
jharvey@xxxxxxxxxxxxxxxx<mailto:jharvey@xxxxxxxxxxxxxxxx>
|
[cid:image005.png@01D99AB1.92810C40]
www.landmarkcpas.com<http://www.landmarkcpas.com/>
[cid:image006.png@01D99AB1.92810C40]<https://www.facebook.com/landmarkaccountants/>
[cid:image007.png@01D99AB1.92810C40]<https://www.linkedin.com/company/landmarkcpas/>
[cid:image008.png@01D99AB1.92810C40]<https://twitter.com/LandmarkCPAs>
-------------------------------
LANDMARK PLC, CERTIFIED PUBLIC ACCOUNTANTS CONFIDENTIALITY DISCLOSURE

The information in this email is confidential and may be legally privileged. It
is intended solely for the addressee. Access to this email by anyone else is
unauthorized.  If you are not the intended recipient, any disclosure, copying,
distribution or any action taken or omitted to be taken in reliance on it, is
prohibited and may be unlawful.
------------------------------

From: cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>
<cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>> On Behalf
Of Ken Pyle
Sent: Friday, June 9, 2023 8:42 AM
To: cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>
Subject: [CPAGeeks] Re: Oof - Barracuda Incident Report

GREAT POINT.

I have an idea of how they did it (I do the same thing.)

Won't share publicly but it's remarkably easy when I do it to other things.

________________________________

From: cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>
<cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>> on behalf
of Raul Marlasca <marlasca@xxxxxxxxxxxxxxxxx<mailto:marlasca@xxxxxxxxxxxxxxxxx>>
Sent: Friday, June 9, 2023 9:38 AM
To: cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>
<cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>>
Subject: [CPAGeeks] Re: Oof - Barracuda Incident Report

There are a TON of small shops using the ESG boxes that will not have the
budget or the man power on site to swap these out quickly, some don’t even know
there is an issue because an MSP set it up 5 years ago and they don’t have
anyone in house who is doing maintenance on it. I have a feeling this is only
going to get worse as time goes by since the only fix is full rip and replace.

MEGA bad indeed.

From: cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>
<cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>> On Behalf
Of Ken Pyle
Sent: Friday, June 9, 2023 9:33 AM
To: cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>
Subject: [CPAGeeks] Re: Oof - Barracuda Incident Report

[EXTERNAL]

They're recommending total replacement of the appliance / machine.

Actors have survibability and persistence.

Mega bad.

________________________________

From: cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>
<cpageeks-bounce@xxxxxxxxxxxxx<mailto:cpageeks-bounce@xxxxxxxxxxxxx>> on behalf
of Craig S. Anteman
<dmarc-noreply@xxxxxxxxxxxxx<mailto:dmarc-noreply@xxxxxxxxxxxxx>>
Sent: Friday, June 9, 2023 7:39 AM
To: cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>
<cpageeks@xxxxxxxxxxxxx<mailto:cpageeks@xxxxxxxxxxxxx>>
Subject: [CPAGeeks] Re: Oof - Barracuda Incident Report

I don't know enough about Barracude products, but I seem to recall that their
ESG products has some secure email capabilities.

Perhaps that is part of their Saas email security services.

pretty scary to think about.

________________________________

[TBC]

7 Washington Square, Albany, NY 12205
Ph: 518-456-6663 Fax: 518-456-3975
E-Mail: CAnteman@xxxxxxxxxx<mailto:CAnteman@xxxxxxxxxx>

Connect with us:

[LinkedIn]<https://www.linkedin.com/company/teal-becker-&-chiaramonte-cpas-p.c.>

[Twitter]<https://twitter.com/TBC_CPAs>

[https://us-api.mimecast.com/s/store/dDyM2JnLgX9hN4gBwp6l3wcHl5WPV6BKIpZTi5frDe2-SFPtLsKZOfsKtYdszK-jZ47XfcRV2KTEgSVUgyeqI-P8nqbsp20k7gHWf7JhlrxBWpzR2wpTdoq0hcgor2CboeTPmSgTwGUj3B44jwbI4mIJgeTvV1-S6I2sjUygoNNgByQrqlTPQ26nJckj2SuF]<https://www.facebook.com/TBCCPA>

[Make a Payment]<https://www.tbccpa.com/pay/>

[https://us-api.mimecast.com/s/store/gLEsLmrd3Y-oRcYLw8UPQVSa4Wpm5aWkCKdbSdh0E4ZoGnWEMtD9cfGmiDklNNpcCAEZhVbMdn-QohbZ4lTHvMlBYotB7odhAMLUZOcHW0h8smmuwPzYUQELhsUZMmEPv_QiKmeUYQqdjEN2m7rrmi9yZafUHHOKM7YJei7J6EKmVT-AiJHbtFgefFsYYBuA]

[https://us-api.mimecast.com/s/store/aAnxMhtIAIegyIsmzeIXH6pRqRJJ2-_ola9Og5EyGk-u0bm4hnIrlA1diCU3cZIEFD1Im0N26giSn11FlR3MYmOx0KGmqUaWYnJgKUxc4ecCaM4TP2YWW2FoOyxuXrZ-LOss25gIGNDYR2cOa14WaxFv6ar4VBtW1aLLd9RXjIbLEBbTeyN6o0pwsoYjC3Hv]

[Inside Accounting Top 300]

NOTICE. This electronic message and any attachments are the confidential
information and property of the sender. The information in this email and any
attachments may only be used by the person to whom this email is addressed. Any
intercepting, copying, accessing, distributing or disclosing of this email or
any attachments by any other person is prohibited. The sender takes no
responsibility for any unauthorized reliance on this email or any attachments
or for the presence of any viruses. Please check all attachments for viruses.
If you are not the addressee listed in this email or have received this email
in error, please notify the sender immediately and delete this email from your
system. Do not forward this email or any attachment without the sender's
permission.

On Thu, 2023-06-08 at 19:52 +0000, Michael W. Chesnutt wrote:

Seems like they have it on lock pretty well, but if you’re running any
Barracuda ESGs, might be worth a look:

https://www.barracuda.com/company/legal/esg-vulnerability?mkt_tok=ODQwLU9TUS02NjEAAAGMO4RMlOkWn9MJs5yUsZ6bd5uQdBu-vZTUTq_TMRMDum1RhaMiqfYlf1Mr4nIkTsy_fnrVLVB8WoMiVewv5Oww9GsYPbwPGa-8xqF703S8tJjbQA

(easily findable via a google search if you would prefer not to click on a link)

Thank you,

Michael W. Chesnutt

IT Director

mchesnutt@xxxxxxxxxx<mailto:mchesnutt@xxxxxxxxxx>

Machen McChesney

1820 E. University Dr.

Auburn, AL 36830

334.887.7022: Office | 334.246.1354: Cell

http://www.machen.cpa<https://url.emailprotection.link/?bvHZZ7D6rnzu0yxbRMFxm_SGTjt4h3lFkhbw9GeWFA2KxIuPBakOLEBmTRtajm2jvng_G19RjdawSo_iwXTbhfA~~>

Send a file to Machen McChesney, LLP
securely:https://www.clientaxcess.com/sharesafe/#/machenmcchesney<https://url.emailprotection.link/?b911SsVppwyn0j6ZzackQ-jvQNRi-kT9IapB6ZYS5Buv4DaUBhPy4HU0pRlpls7pwPmm_LZiqDs-nHw1O1l5MZC0iAmkzizIOb-8-bLHN3eYmVz1Ue2sFjWTgz2AYt0ek>

Access your client
Portal:https://www.clientaxcess.com/#/login<https://url.emailprotection.link/?b7UE2yfMelFt9Xz7NIwUT9_RchFUPzVHWl0HLo4HrovsPmlms-ywKzgQKSrbyo1G64_lswoaU_N6L6Fon7x19IQ~~>

IMPORTANT:  This electronic mail message and any attached files contain
information intended for the exclusive use of the individual(s) or entity to
whom it is addressed and may contain information that is proprietary,
privileged, confidential and/or exempt from disclosure under applicable law.
If you are not the intended recipient, you are hereby notified that any
viewing, copying, disclosure or distribution of this information may be subject
to legal restriction or sanction.

Please notify the sender, by electronic mail or telephone, of any unintended
recipients and delete the original message without making any copies.

--

Craig Anteman

Director of Infrastructure and Security

Teal, Becker & Chiaramonte, CPAs, PC

________________________________

This e-mail contains legally privileged and confidential information intended
only for the individual or entity named within the message. If the reader of
this message is not the intended recipient, or the agent responsible to deliver
it to the intended recipient, you are hereby notified that any review,
dissemination, distribution or copying of this communication is prohibited. If
this communication was received in error, please notify us by reply e-mail and
delete the original message. It is outside of our internal security procedures
to email documents containing personal information. Please be aware that any
email sent with your documents is not secure. By accepting this email you agree
to remove all file security liability from Berman Hopkins for such documents
sent at your request. Please consider using our secure client portal to
transmit sensitive documents containing personal information.