Barracuda XDR

Barracuda XDR Release Notes — January 2025

Changes to policies for Barracuda IDS Collector

To improve focus on important security issues, IDS events must now be above a certain severity to be included in Barracuda IDS logs. This change also reduces log volume.

Testing added for CrowdStrike integrations

When integrating CrowdStrike, you can now test credentials by clicking the Test button.

Integration page changes

The changes to the Integration page are:

  • The default sort is now Product instead of Name.

  • You can now filter on currently-enabled integrations.

Additional Help buttons

Help buttons have been added to the following pages:

  • Infrastructure > Collectors

  • Intelligence > O365 Protection

Bug fixes

  • Improved wording of MS Office 365 setup error messages.

  • Resolved an issue where the Administration > Email Distributions screen intermittently showed wrong addresses.

  • Resolved an issue where endpoint groups could not be viewed when the account name contained a slash.

  • Resolved an issue where the Home page incorrectly showed "healthy" status for some previously-snoozed data sources.

  • Resolved an issue where the Administration > Integrations screen didn’t show “enabled” for CloudGen Firewall.

  • Resolved an issue where bad data in some alerts caused an error when viewing them in the Dashboard.

  • Resolved an issue where Data masking was enabled in error for several accounts, resulting in obfuscation of telemetry data needed for STAR Custom rules to trigger alerts.

  • Resolved an issue where mitigated files were unquarantined automatically in the Dashboard when whitelisted by the customer.

New Detection Rules

  • All Windows Detection Rules (XDR Server Security) have been completely rebuilt and redesigned

    • New Password Spray Logic for NTLM Authentication Flows

    • New Password Spray Logic for Kerberos Authentication Flows (new collector only)

    • New PowerShell Credential Dumping and Lateral Movement Detections (new collector only)

    • New logic for Windows RDP Enabled via Registry

    • Additional logic for Windows Persistence Via Bits Job Cmdline

  • GLB.AU.CAS Duo Policy Updated to Allow Access Without 2FA

  • GLB.AA.NET Fortigate SSL VPN Password Spraying Activity

Rules Enhanced with SOAR

  • GLB.AD.APP Mimecast Malicious URL Not Blocked

  • GLB.AU.CAS DUO: Allow Access without 2FA

  • GLB.AD.NET Sophos XG Administrator Successfully Performed an Update Operation