5
Barracuda says hacked ESG appliances must be replaced immediately
(www.bleepingcomputer.com)
A community for technical news and discussion of cybersecurity and closely related topics.
I do believe Barracuda came out with a new authentication mechanism to replace the magic links at the end of April. They are suggesting folks move over the temporary passcode authentication instead. You can read more about it in their blog post here: https://esstimeline.barracudanetworks.com/publications/temporary-passcode-authentication
I have began experimenting with this in my org today. I don't love sending auth codes over email, even if its only live for fifteen minutes, but we do need a solution to access shared mailbox quarantines without security team intervention. I suppose its better than the past magic links authentication we were using.