Critical SharePoint, Qakbot-linked flaws focus of May Patch Tuesday | Computer Weekly
The critical vulnerability on Microsoft SharePoint Server and two zero-day flaws in Windows should be addressed immediately by administrators. [ more ]
Google patches its fifth zero-day vulnerability of the year in Chrome
Google has patched a high-severity zero-day vulnerability in Chrome, marking the fifth update this year to protect against malicious exploits. [ more ]
Critical SharePoint, Qakbot-linked flaws focus of May Patch Tuesday | Computer Weekly
The critical vulnerability on Microsoft SharePoint Server and two zero-day flaws in Windows should be addressed immediately by administrators. [ more ]
Google patches its fifth zero-day vulnerability of the year in Chrome
Google has patched a high-severity zero-day vulnerability in Chrome, marking the fifth update this year to protect against malicious exploits. [ more ]
APTs Swarm Zimbra Zero-Day to Steal Government Info Worldwide
Four separate cyberattack groups have exploited a zero-day security vulnerability in the Zimbra Collaboration Suite to steal email data and credentials.
The attacks targeted government organizations in Greece, Moldova, Tunisia, Vietnam, and Pakistan.
The vulnerability was patched in July, but the attacks began before the patch was available. [ more ]
APTs Swarm Zimbra Zero-Day to Steal Government Info Worldwide
Four separate cyberattack groups have exploited a zero-day security vulnerability in the Zimbra Collaboration Suite to steal email data and credentials.
The attacks targeted government organizations in Greece, Moldova, Tunisia, Vietnam, and Pakistan.
The vulnerability was patched in July, but the attacks began before the patch was available. [ more ]
APTs Swarm Zimbra Zero-Day to Steal Government Info Worldwide
Four separate cyberattack groups have exploited a zero-day security vulnerability in the Zimbra Collaboration Suite to steal email data and credentials.
The attacks targeted government organizations in Greece, Moldova, Tunisia, Vietnam, and Pakistan.
The vulnerability was patched in July, but the attacks began before the patch was available. [ more ]
APTs Swarm Zimbra Zero-Day to Steal Government Info Worldwide
Four separate cyberattack groups have exploited a zero-day security vulnerability in the Zimbra Collaboration Suite to steal email data and credentials.
The attacks targeted government organizations in Greece, Moldova, Tunisia, Vietnam, and Pakistan.
The vulnerability was patched in July, but the attacks began before the patch was available. [ more ]
Zimbra Zero-Day Exploited to Hack Government Emails
A Zimbra Collaboration Suite zero-day vulnerability was exploited to steal email data from government organizations in multiple countries.
The exploit, tracked as CVE-2023-37580, is a reflected cross-site scripting (XSS) bug that requires the user to click on a malicious link.
Google's Threat Analysis Group observed multiple campaigns exploiting the zero-day and linked the attacks to a Russian APT known as Winter Vivern. [ more ]
Zimbra Zero-Day Exploited to Hack Government Emails
A Zimbra Collaboration Suite zero-day vulnerability was exploited to steal email data from government organizations in multiple countries.
The exploit, tracked as CVE-2023-37580, is a reflected cross-site scripting (XSS) bug that requires the user to click on a malicious link.
Google's Threat Analysis Group observed multiple campaigns exploiting the zero-day and linked the attacks to a Russian APT known as Winter Vivern. [ more ]
Zimbra Zero-Day Exploited to Hack Government Emails
A Zimbra Collaboration Suite zero-day vulnerability was exploited to steal email data from government organizations in multiple countries.
The exploit, tracked as CVE-2023-37580, is a reflected cross-site scripting (XSS) bug that requires the user to click on a malicious link.
Google's Threat Analysis Group observed multiple campaigns exploiting the zero-day and linked the attacks to a Russian APT known as Winter Vivern. [ more ]
Zimbra Zero-Day Exploited to Hack Government Emails
A Zimbra Collaboration Suite zero-day vulnerability was exploited to steal email data from government organizations in multiple countries.
The exploit, tracked as CVE-2023-37580, is a reflected cross-site scripting (XSS) bug that requires the user to click on a malicious link.
Google's Threat Analysis Group observed multiple campaigns exploiting the zero-day and linked the attacks to a Russian APT known as Winter Vivern. [ more ]