Zimbra issues awaited patch for actively exploited vulnerability

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZCS

Tags: CVE-2023-38750

Tags: CISA

Tags: CVE-2023-0464

Tags: TAG

Tags: XSS

Tags: JSP

Tags: XML

Tags:

Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files.

(Read more…)

The post Zimbra issues awaited patch for actively exploited vulnerability appeared first on Malwarebytes Labs.

Read more

Act now! In-the-wild Zimbra vulnerability needs a workaround

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: MalasLocker

Tags: vulnerability

Tags: Google

Tags: actively exploited

Tags: fn:escapeXml

Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild.

(Read more…)

The post Act now! In-the-wild Zimbra vulnerability needs a workaround appeared first on Malwarebytes Labs.

Read more

[updated] Thousands of Zimbra mail servers backdoored in large scale attack

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

(Read more…)

The post [updated] Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.

Read more

Thousands of Zimbra mail servers backdoored in large scale attack

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

(Read more…)

The post Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.

Read more

A week in security (January 31 – February 6)

Credit to Author: Malwarebytes Labs| Date: Mon, 07 Feb 2022 11:13:55 +0000

The most important and interesting security stories from the last seven days.

Categories: A week in security

Tags:

(Read more…)

The post A week in security (January 31 – February 6) appeared first on Malwarebytes Labs.

Read more