Maximum severity Zimbra bug added to Known Exploited Vulnerabilities catalog

7 October 2024

Such a development comes after the vulnerability was discovered by Proofpoint to be leveraged in intrusions beginning September 28, following the release of its proof-of-concept exploit code and technical information by Project Discovery. Attacks involved the impersonation of Gmail to deliver base64 string-containing emails that would be executed by Zimbra servers, which have also been used for second-stage payload hosting, according to Proofpoint, which did not attribute the intrusions to a specific threat actor.

Source: SC Magazine

Date:

7 October 2024

Categorie(s):

NEWS

Tag(s):

AI/ML, IT, Security Pro, Vulnerability, Zimbra

Harnessing the Power of Data and AI – Sivan Tehila – FS #15 November 2024
A Kansas pig butchering: CEO who defrauded bank, church, friends gets 24 years5 November 2024
Canada Arrests Suspected Hacker Linked to Snowflake Data Breaches5 November 2024
Amazon Inspector suppression rules best practices for AWS Organizations5 November 2024
Building Cybersecurity Resilience: Strategies, Technologies, and Best Practices from Industry Leaders5 November 2024