The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a “novel persistent backdoor” calledSUBMARINEdeployed by threat actors in connection with the hack on Barracuda Email Security Gateway (ESG) appliances. “SUBMARINE comprises multiple artifacts including a SQL trigger, shell scripts, and a loaded library for a Linux daemon that together enable