October 8, 2024 at 06:07AM GoldenJackal, a little-known threat actor, has been linked to cyber attacks on embassies and governmental organizations. They aim to infiltrate air-gapped systems using bespoke toolsets. The attacks targeted a South Asian embassy in Belarus and a European Union government organization. The group has displayed advanced capabilities, using multiple malware families … Read more
November 16, 2023 at 11:52AM Four separate cyberattack groups have exploited a former zero-day vulnerability in the Zimbra Collaboration Suite (ZCS) to steal email data, user credentials, and authentication tokens from government organizations worldwide. The bug, which was patched on July 25, enabled the attackers to set up auto-forwarding rules to an attacker-controlled email address. … Read more
November 16, 2023 at 11:45AM Google’s Threat Analysis Group (TAG) has disclosed that a zero-day exploit in Zimbra Collaboration Suite was used to steal email data from government organizations worldwide. The vulnerability (CVE-2023-37580) was made public in July, and it allows attackers to execute malicious code through specially crafted URLs sent via email. Google observed … Read more