October 2, 2024 at 10:35AM Hackers are exploiting a Zimbra email server vulnerability (CVE-2024-45519) by sending specially crafted emails to the SMTP server, allowing them to execute commands. Malicious activity was detected by Proofpoint and a proof-of-concept exploit was released, urging users to update to secure versions or take preventive measures as listed. After reviewing … Read more
October 2, 2024 at 10:20AM Cyber attackers are exploiting a Zimbra email server vulnerability (CVE-2024-45519) using specially crafted emails to trigger remote code execution. Proofpoint detected this “mass-exploitation,” as malicious emails spoofing Gmail deploy fake addresses and harmful code in the CC field. Installation of the webshell via the exploit provides full access to the … Read more
October 1, 2024 at 05:47PM Cyber attackers are actively exploiting a severe remote code execution vulnerability (CVE-2024-45519) in Zimbra’s SMTP server, allowing them to take control of vulnerable systems. Proofpoint researchers observed attacks since Sept. 28, with attackers sending spoofed emails containing base64-encoded malicious code. Zimbra issued updates, but administrators need to apply them promptly … Read more
February 12, 2024 at 02:17PM A recent phishing campaign targeting Microsoft Azure has compromised hundreds of user accounts, including those of senior executives. The hackers aim to access confidential information and launch more attacks within the breached organization. Proofpoint has issued an alert with details of the attacks and defense measures, including monitoring user-agent strings … Read more