
(post is archived)

[–] 1 pt

The pivot from patch to total replacement of affected devices is fairly stunning and implies the malware the threat actors deployed somehow achieves persistence at a low enough level that even wiping the device wouldn’t eradicate attacker access,

Nicholas Weaver, a researcher at University of California, Berkeley’s International Computer Science Institute (ICSI), said it is likely that the malware was able to corrupt the underlying firmware that powers the ESG devices in some irreparable way.

My guess is that the device’s remote update mechanism allows installation of firmware updates and the attackers somehow commandeered that.

[–] 3 pts

Barracuda boxes are kind of black boxes to the end user; there are management structures and pathways that you, as an end user, can't access.

They're awesome when they work right, but they always seem to be one oopsie away from calling support and having them tunnel into it to clear a relatively benign error that the end user should have been able to click "Ok" on.