October 10, 2024 at 02:50PM U.S. and U.K. cyber agencies have warned that APT29 hackers linked to Russia are targeting unpatched Zimbra and JetBrains TeamCity servers worldwide. A joint advisory urges network defenders to deploy security patches to prevent attacks exploiting multiple vulnerabilities, highlighting ongoing threats to both government and private sectors. ### Meeting Takeaways: … Read more
October 2, 2024 at 06:27AM A critical vulnerability in Zimbra was exploited in the wild to deploy a web shell on vulnerable servers shortly after a proof-of-concept release. This raised significant concerns regarding the security of Zimbra systems. Source: SecurityWeek. Based on the meeting notes, the key takeaway is that a critical-severity vulnerability in Zimbra … Read more
November 17, 2023 at 11:11AM Threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive data from government systems in multiple countries. The vulnerability, known as CVE-2023-37580, allowed the hackers to perform email forwarding, steal credentials, and lead victims to phishing pages. The attacks took place before Zimbra released an official … Read more