This news is “stunning” say many cybersecurity experts; it’s so bad that a patch can’t resolve it, companies have to completely stop using these (very expensive) machines and get new ones.

    • Tempiz@sh.itjust.works
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      I do believe Barracuda came out with a new authentication mechanism to replace the magic links at the end of April. They are suggesting folks move over the temporary passcode authentication instead. You can read more about it in their blog post here: https://esstimeline.barracudanetworks.com/publications/temporary-passcode-authentication

      I have began experimenting with this in my org today. I don’t love sending auth codes over email, even if its only live for fifteen minutes, but we do need a solution to access shared mailbox quarantines without security team intervention. I suppose its better than the past magic links authentication we were using.