Summary: Security researchers have discovered a new backdoor, named "Whirlpool," that was used in attacks on users of Barracuda ESG appliances. The backdoor establishes a TLS reverse shell to a command-and-control server. This comes after a previous update revealed another backdoor called "Submarine" used in the same campaign. The attacks exploited a zero-day vulnerability and the threat actor is believed to be a Chinese APT group. Barracuda Networks has urged users to replace their Email Security Gateway appliances.

Hashtags: #CISA #WhirlpoolBackdoor #BarracudaESG #Cybersecurity #Malware #TLSReverseShell

https://www.infosecurity-magazine.com/news/whirlpool-backdoor-barracuda-esg/