zimbra – PossibleThreat Articles

MalwareBytes Security

Zimbra issues awaited patch for actively exploited vulnerability

July 28, 2023 0 Comments cisa, cve-2023-0464, cve-2023-38750, Exploits and vulnerabilities, jsp, news, tag, xml, XSS, zcs, zimbra

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZCS

Tags: CVE-2023-38750

Tags: CISA

Tags: CVE-2023-0464

Tags: TAG

Tags: XSS

Tags: JSP

Tags: XML

Tags:

Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files.

(Read more…)

The post Zimbra issues awaited patch for actively exploited vulnerability appeared first on Malwarebytes Labs.

Security Sophos

S3 Ep144: When threat hunting goes down a rabbit hole

July 20, 2023 0 Comments Exploit, Microsoft, Naked Security Podcast, storm, Uncategorized, virus total, zero day, zimbra

Credit to Author: Paul Ducklin| Date: Thu, 20 Jul 2023 14:58:03 +0000

Latest episode – check it out now!

MalwareBytes Security

Act now! In-the-wild Zimbra vulnerability needs a workaround

July 17, 2023 0 Comments actively exploited, Exploits and vulnerabilities, fn:escapexml, Google, malaslocker, news, vulnerability, zimbra

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: MalasLocker

Tags: vulnerability

Tags: Google

Tags: actively exploited

Tags: fn:escapeXml

Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild.

(Read more…)

The post Act now! In-the-wild Zimbra vulnerability needs a workaround appeared first on Malwarebytes Labs.

Security Sophos

Zimbra Collaboration Suite warning: Patch this 0-day right now (by hand)!

July 14, 2023 0 Comments data loss, vulnerability, XSS, zero day, zimbra

Credit to Author: Paul Ducklin| Date: Fri, 14 Jul 2023 16:58:13 +0000

Zimbra didn’t actually say, “Do not delay/Do it today,” but they did say, “We kindly request your cooperation to apply the fix manually.”

MalwareBytes Security

[updated] Thousands of Zimbra mail servers backdoored in large scale attack

August 17, 2022 0 Comments authentication, cve-2022-27925, cve-2022-37042, Exploits and vulnerabilities, news, rce, web shell, zimbra, zvs

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

(Read more…)

The post [updated] Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.

MalwareBytes Security

Thousands of Zimbra mail servers backdoored in large scale attack

August 12, 2022 0 Comments authentication, cve-2022-27925, cve-2022-37042, Exploits and vulnerabilities, news, rce, web shell, zimbra, zvs

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

(Read more…)

The post Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (January 31 – February 6)

February 7, 2022 0 Comments A week in security, airtags, Android, brata, malware, nfts, operagx, phishing, samba, Windows 10, wormhole, zimbra

Credit to Author: Malwarebytes Labs| Date: Mon, 07 Feb 2022 11:13:55 +0000

The most important and interesting security stories from the last seven days.

Categories: A week in security

Tags: AirTags Android BRATA malware NFTs operagx phishing samba windows 10 Wormhole Zimbra

(Read more…)

The post A week in security (January 31 – February 6) appeared first on Malwarebytes Labs.