The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a « novel persistent backdoor » called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway (ESG) appliances.
« SUBMARINE comprises multiple artifacts — including a SQL trigger, shell scripts, and a loaded library for a Linux daemon — that together enable
