{"id":52147,"date":"2023-05-31T16:11:58","date_gmt":"2023-05-31T16:11:58","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34674\/Critical-Barracuda-0-Day-Was-Used-To-Backdoor-Networks-For-8-Months.html"},"modified":"2023-05-31T16:11:58","modified_gmt":"2023-05-31T16:11:58","slug":"critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/","title":{"rendered":"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/10\/malware-800x600.jpg\" alt=\"A stylized skull and crossbones made out of ones and zeroes.\"><figcaption class=\"caption\"><\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2023\/05\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">33<\/span> <span class=\"visually-hidden\"> with <\/span> <\/a> <\/aside>\n<p> <!-- cache hit 54:single\/related:614930e1f160e91796818ee6803e814d --><!-- empty --><\/p>\n<p>A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The vulnerability has been used to install multiple pieces of malware inside large organization networks and steal data, Barracuda said Tuesday.<\/p>\n<p>The software bug, tracked as CVE-2023-2868, is a remote-command injection vulnerability that stems from incomplete input validation of user-supplied .tar files, which are used to pack or archive multiple files. When file names are formatted in a particular way, an attacker can execute system commands through the QX operator, a function in the Perl programming language that handles quotation marks. The vulnerability is present in the Barracuda Email Security Gateway versions 5.1.3.001 through 9.2.0.006; Barracuda <a href=\"https:\/\/status.barracuda.com\/incidents\/34kx82j5n4q9\">issued a patch<\/a> 10 days ago.<\/p>\n<p>On Tuesday, Barracuda <a href=\"https:\/\/www.barracuda.com\/company\/legal\/esg-vulnerability\">notified customers<\/a> that CVE-2023-2868 has been under active exploitation since October in attacks that allowed threat actors to install multiple pieces of malware for use in exfiltrating sensitive data out of infected networks.<\/p>\n<p>\u201cUsers whose appliances we believe were impacted have been notified via the ESG user interface of actions to take,\u201d Tuesday\u2019s notice stated. \u201cBarracuda has also reached out to these specific customers. Additional customers may be identified in the course of the investigation.\u201d<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>Malware identified to date includes packages tracked as Saltwater, Seaside, and Seaspy. Saltwater is a malicious module for the SMTP daemon (bsmtpd) that the Barracuda ESG uses. The module contains backdoor functionality that includes the ability to upload or download arbitrary files, execute commands, and provide proxy and tunneling capabilities.<\/p>\n<p>Seaside is an x64 executable in ELF (executable and linkable format), which stores binaries, libraries, and core dumps on disks in Linux and Unix-based systems. It provides a persistence backdoor that poses as a legitimate Barracuda Networks service and establishes itself as a PCAP filter for capturing data packets flowing through a network and performing various operations. Seaside monitors tracking on port 25, which is used for SMTP-based email.<\/p>\n<p>It can be activated using a \u201cmagic packet\u201d that\u2019s known only to the attacker but appears innocuous to all others. Mandiant, the security firm Barracuda hired to investigate the attacks, said it found code in Seaspy that overlaps with the publicly available cd00r backdoor.<\/p>\n<p>Seaside, meanwhile, is a module for the Barracuda SMTP daemon (bsmtpd) that monitors commands, including SMTP HELO\/EHLO to receive a command-and-control IP address and port to establish a reverse shell.<\/p>\n<p>Tuesday\u2019s notice includes cryptographic hashes, IP addresses, file locations, and other indicators of compromise associated with the exploit of CVE-2023-2868 and the installation of the malware. Company officials also urged all impacted customers to take the following actions:<\/p>\n<blockquote>\n<ol>\n<li><span class=\"cmp-text__rte__text-body1\">Ensure your ESG appliance is receiving and applying updates, definitions, and security patches from Barracuda. Contact Barracuda support (<a href=\"mailto:support@barracuda.com\">support@barracuda.com<\/a>) to validate if the appliance is up to date.<\/span><\/li>\n<li><span class=\"cmp-text__rte__text-body1\">Discontinue the use of the compromised ESG appliance and contact Barracuda support (<a href=\"mailto:support@barracuda.com\">support@barracuda.com<\/a>) to obtain a new ESG virtual or hardware appliance.<\/span><\/li>\n<li><span class=\"cmp-text__rte__text-body1\">Rotate any applicable credentials connected to the ESG appliance:<br \/>o&nbsp; Any connected LDAP\/AD<br \/>o&nbsp; Barracuda Cloud Control<br \/>o&nbsp; FTP Server<br \/>o&nbsp; SMB<br \/>o&nbsp; Any private TLS certificates<\/span><\/li>\n<li><span class=\"cmp-text__rte__text-body1\">Review your network logs for any of the [indicators of compromise] and any unknown IPs. Contact <a href=\"mailto:compliance@barracuda.com\">compliance@barracuda.com<\/a> if any are identified.<\/span><\/li>\n<\/ol>\n<\/blockquote>\n<p>The Cybersecurity and Infrastructure Security Agency <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-warns-govt-agencies-of-recently-patched-barracuda-zero-day\/\">added CVE-2023-2868<\/a> to its list of known exploited vulnerabilities on Friday.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34674\/Critical-Barracuda-0-Day-Was-Used-To-Backdoor-Networks-For-8-Months.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":52148,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10539],"class_list":["post-52147","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerdata-lossflawbackdoor"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-31T16:11:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/10\/malware-800x600.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months\",\"datePublished\":\"2023-05-31T16:11:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/\"},\"wordCount\":580,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months.jpg\",\"keywords\":[\"headline,hacker,data loss,flaw,backdoor\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/\",\"name\":\"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months.jpg\",\"datePublished\":\"2023-05-31T16:11:58+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months.jpg\",\"width\":800,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,data loss,flaw,backdoor\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerdata-lossflawbackdoor\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/","og_locale":"en_US","og_type":"article","og_title":"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-05-31T16:11:58+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/10\/malware-800x600.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months","datePublished":"2023-05-31T16:11:58+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/"},"wordCount":580,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months.jpg","keywords":["headline,hacker,data loss,flaw,backdoor"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/","url":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/","name":"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months.jpg","datePublished":"2023-05-31T16:11:58+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/06\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months.jpg","width":800,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/critical-barracuda-0-day-was-used-to-backdoor-networks-for-8-months\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,data loss,flaw,backdoor","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerdata-lossflawbackdoor\/"},{"@type":"ListItem","position":3,"name":"Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52147","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52147"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52147\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/52148"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52147"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52147"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52147"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}