1676023497185
OpenSSL Vulnerabilities (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217 and CVE-2023-0401)
by Scott Treacy
OpenSSL have announced a new security advisory. Please see Barracuda Campus for the latest news on this advisory. 
1671029820000
Claroty JSON SQLi Vulnerabilities
by Scott Treacy
The Claroty T82 research team released a blog last week demonstrating a newly identified SQL injection in JSON based SQL and how this bypasses many name brand WAF vendors. While we have had custom patterns available via the Barracuda 1667300400000
OpenSSL v3 X.509 Email Address Buffer Overflows (CVE-2022-3786 and CVE-2022-3602)
by Scott Treacy
Last week the OpenSSL Project announced they would release OpenSSL v3.0.7 on November 1st, highlighting that this release will be a security fix for a critical vulnerability of the highest severity. Upon release of the fix and the advisory, 1666279800000
Apache Commons Text packages (CVE-2022-42889)
by Scott Treacy
This article provides an update on the recently discovered vulnerability in Apache Commons Text packages (CVE-2022-42889). This Remote Code Execution (RCE) attack can be carried out on the Apache Commons text packages from version 1.5 until 1664555921055
Updated: Microsoft Exchange Zero-Day (CVE-2022-41040 and CVE-2022-41082)
by Scott Treacy
This article provides information on how you can mitigate the newly discovered Zero-day vulnerabilities in Microsoft Exchange Server using Barracuda WAF-as-a-Service. These vulnerabilities were published on September 29, 2022, and affect 1664215980000
New Region Avaliability
by Scott Treacy
Today we are very pleased to announce the general availability of WAF-as-a-Service in the following Azure Regions; Qatar Central (Doha) South Africa West (Cape Town) For instructions on how to change the regions that an application is
1656348360000
New Region Availability
by Scott Treacy
Last month we announced the availability of five new regions. Today we are announcing that an additional four new regions are now generally available for use in WAF-as-a-Service; Sweden South (Staffanstorp) Norway West (Stavanger) France
1654868880000
Atlassian Confluence Remote Code Execution Vulnerability (CVE-2022-26134)
by Scott Treacy
In the next few hours we are starting to deploy improvements to the security posture of all customer applications within WAF-as-a-Service in order to provide better protection against the Atlassian Confluence Remote Code Execution
1652695380000
New Region Availability
by Scott Treacy
Today we are announcing that WAF-as-a-Service is now generally available for use in the following five additional Azure Regions; Sweden Central (Gävle) West US (California) West US 3 (Arizona) West Central US (Wyoming) North Central US
