The Latest in IT Security

Hackers Exploited 0-Day Vulnerability in Zimbra Email Platform to Spy on Users

03
Feb
2022
Hackers Exploited 0-Day Vulnerability in Zimbra Email Platform to Spy on Users

image credit: pixabay

A threat actor, likely Chinese in origin, is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform as part of spear-phishing campaigns that commenced in December 2021.

The espionage operation — codenamed “EmailThief” — was detailed by cybersecurity company Volexity in a technical report published Thursday, noting that successful exploitation of the cross-site scripting (XSS) vulnerability could result in the execution of arbitrary JavaScript code in the context of the user’s Zimbra session.

Related posts:
  1. Email spoofing: how attackers impersonate legitimate senders
  2. 4 steps to prevent spear phishing
  3. Protecting your organizations against BEC and other email attacks
  4. Emails Offering Kaseya Patches Deliver Malware
  5. 4 steps to protect the C-suite from business email compromise attacks

Read More

Tags:  
Written by Thehackernews
0 Comments
Comments are closed.

Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments