Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw

October 2, 2024 at 02:31AM A critical security flaw, CVE-2024-45519, has been actively exploited in Synacor’s Zimbra Collaboration. The flaw allows unauthenticated attackers to execute arbitrary commands. The issue was addressed in Zimbra versions 8.8.15 Patch 46, 9.0.0 Patch 41, 10.0.9, and 10.1.1. Users are strongly advised to apply the latest patches for protection. Key …

Zimbra RCE Vuln Under Attack Needs Immediate Patching

October 1, 2024 at 05:47PM Cyber attackers are actively exploiting a severe remote code execution vulnerability (CVE-2024-45519) in Zimbra’s SMTP server, allowing them to take control of vulnerable systems. Proofpoint researchers observed attacks since Sept. 28, with attackers sending spoofed emails containing base64-encoded malicious code. Zimbra issued updates, but administrators need to apply them promptly …

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

September 25, 2024 at 03:48AM A new phishing campaign targets transportation and logistics companies in North America, using compromised email accounts to distribute information stealers and remote access trojans. The campaign has evolved with new infrastructure and techniques, including the use of ClickFix to trick victims into downloading malware. Several stealer malware strains have also …

Cybersecurity & the 2024 US Elections

September 16, 2024 at 10:05AM The 2024 US presidential election raises concerns about cybersecurity, particularly around local election systems. While these systems are secure, threats such as voting machine hacking, DDoS attacks, ransomware disruptions, website defacement, and email access targeting are anticipated. Despite protective measures, voters should remain informed to minimize potential disruptions. Based on the meeting notes, …

Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks

September 16, 2024 at 01:21AM Cybersecurity researchers have identified ongoing phishing campaigns using HTTP header refresh entries to deliver fake email login pages, targeting large corporations in South Korea, U.S. government agencies, and schools. These attacks encompass various sectors and are part of a growing trend of sophisticated tactics to trick recipients and steal sensitive …

News Desk 2024: Hacking Microsoft Copilot Is Scary Easy

August 29, 2024 at 08:16AM Microsoft Copilot is gaining popularity as an artificial intelligence productivity assistant for large enterprises. However, Zenity’s CTO Michael Bargury warns about cybersecurity risks due to Copilot’s deep access into enterprise systems, making it vulnerable to malicious attacks. Bargury demonstrated how a single email can take over Copilot, despite acknowledging its …

From Copilot to Copirate: How data thieves could hijack Microsoft’s chatbot

August 28, 2024 at 09:08AM Microsoft fixed flaws in Copilot that allowed attackers to steal users’ emails and personal data through a series of LLM-specific attacks, including prompt injection. Red teamer Johann Rehberger disclosed the exploit, prompting Microsoft to make changes for customer protection. The exploit used prompt injection, automatic tool invocation, and ASCII smuggling …

Complete Guide to Protecting Seven Attack Vectors

August 27, 2024 at 11:25AM Jon Clay reviews seven key initial attack vectors and provides proactive security tips to reduce cyber risk across the attack surface amid the rapid expansion of the digital attack surface due to digital transformation and remote work. The vectors include email, web and web applications, vulnerabilities, devices, island hopping, insider …

Microsoft: Exchange Online mistakenly tags emails as malware

August 26, 2024 at 12:54PM Microsoft is investigating a false positive issue in Exchange Online, where emails with images are wrongly tagged as malicious and quarantined. The ongoing service degradation issue seems widespread, affecting outbound traffic, replies, and forwards of external emails. This is reminiscent of a past issue in October 2023. Microsoft is actively …

This uni thought it would be a good idea to do a phishing test with a fake Ebola scare

August 22, 2024 at 06:37AM UC Santa Cruz students received a deceptive email warning about an Ebola case on campus, which turned out to be a phishing exercise aiming to raise awareness. The simulated attack caused panic and an apology was issued by the university’s chief information security officer. The incident emphasized the importance of …