all InfoSec news
Four Threat Groups Targeted Zimbra Collaboration Flaw
Google’s top threat research team has discovered four separate campaigns exploiting a vulnerability in the Zimbra Collaboration server that the team found in June, three of which emerged in the weeks after the hotfix for the bug was posted to GitHub.
The vulnerability, which is an XSS bug, first emerged in June, when researchers from Google’s Threat Analysis Group (TAG) observed a threat actor exploiting it in attacks against government organizations in Greece. TAG specifically tracks the activity of state-backed …