Security News

US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers

2024-10-10 18:49

U.S. and U.K. cyber agencies warned today that APT29 hackers linked to Russia's Foreign Intelligence Service (SVR) target vulnerable Zimbra and JetBrains TeamCity servers "at a mass scale." [...]

#hacker #russian #server #UK #US #zimbra

Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast

2024-10-06 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started...

#critical #patch #patchtuesday #RCE #vulnerability #zimbra #CVE-2024-45519

Weird Zimbra Vulnerability

2024-10-03 11:04

Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit. In an email sent Wednesday afternoon, Proofpoint...

#vulnerability #zimbra

Critical Zimbra RCE flaw exploited to backdoor servers using emails

2024-10-02 14:15

Hackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. [...]

#backdoor #critical #email #RCE #server #zimbra

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)

2024-10-02 11:05

Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say...

#critical #CVE #exploitation #RCE #vulnerability #zimbra #CVE-2024-45519

'Patch yesterday': Zimbra mail servers under siege through RCE vuln

2024-10-02 10:50

Attacks began the day after public disclosure "Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited.…

#patch #RCE #server #zimbra

Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw

2024-10-02 05:56

Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it...

#attack #critical #researcher #zimbra #CVE-2024-45519

Google: Hackers exploited Zimbra zero-day in attacks on govt orgs

2023-11-17 16:04

Google's Threat Analysis Group has discovered that threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive data from government systems in multiple countries. According to Google's threat analysts, the threat actors exploited the vulnerability on government systems in Greece, Moldova, Tunisia, Vietnam, and Pakistan to steal email data, user credentials, and authentication tokens, perform email forwarding, and lead victims to phishing pages.

#attack #google #hacker #zeroday #zimbra

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups

2023-11-16 16:09

A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. "Most of...

#email #hacker #zeroday #zimbra #CVE-2023-37580

New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft

2023-08-18 11:48

A new "Mass-spreading" social engineering campaign is targeting users of the Zimbra Collaboration email server with an aim to collect their login credentials for use in follow-on operations. "Initially, the target receives an email with a phishing page in the attached HTML file," ESET researcher Viktor Šperka said in a report.

#attack #credential #email #zimbra

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News