Volexity: Attackers exploit RCE flaw to breach Zimbra servers | allinfosecnews.com

Aug. 13, 2022, 2:53 a.m. | SC Staff

SC Magazine feed for Risk Management www.scmagazine.com

Threat intelligence firm Volexity discovered that attackers have been actively exploiting a remote code execution flaw tracked as CVE-2022-27925 with the help of the CVE-2022-37042 auth bypass bug as early as the end of June to compromise Zimbra Collaboration Suite email servers, which are used by over 200,000 businesses, including more than 1,000 government and financial organizations across 140 countries, Bleeping Computer reports. "Volexity believes this vulnerability was exploited in a manner consistent with what it saw with Microsoft Exchange …

attackers breach exploit flaw rce remote access servers volexity zimbra

More from www.scmagazine.com / SC Magazine feed for Risk Management

Battening down the hatches: Navigating third-party cyber threats 4 hours ago | www.scmagazine.com

breach can cyber cyber threats +11

CoralRaider leverages CDN cache domains in new infostealer campaign 8 hours ago | www.scmagazine.com

apps authentication cache campaign +10

5G Hackathons - Casey Ellis - BTS #28 8 hours ago | www.scmagazine.com

bug bounties casey ellis hackathons supply chain +1

AI tapped by Torq HyperSOC to better combat cyber threats 11 hours ago | www.scmagazine.com

aiml alert alert fatigue artificial +27

US indicts botnet operator 11 hours ago | www.scmagazine.com

attacks bleepingcomputer botnet computers +9

Ukrainian documents laced with old malware exposed 11 hours ago | www.scmagazine.com

back compromised cyberscoop devices +18

Dark web inundated by cheap ransomware tools 11 hours ago | www.scmagazine.com

attacks cybercriminals cybersecurity dark +16

Proposed FTC commercial surveillance rules expected soon 14 hours ago | www.scmagazine.com

commercial cybersecurity data data security +17

Global cyber incident detection capabilities improve 14 hours ago | www.scmagazine.com

capabilities compromise cyber cyber incident +13

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Level 1 SOC Analyst

@ Telefonica Tech | Dublin, Ireland

View on infosec-jobs.com

Specialist, Database Security

@ OP Financial Group | Helsinki, FI

View on infosec-jobs.com

Senior Manager, Cyber Offensive Security

@ Edwards Lifesciences | Poland-Remote

View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, AL, Huntsville (4200 Rideout Rd SW)

View on infosec-jobs.com

Senior Security Analyst - Protective Security (Open to remote across ANZ)

@ Canva | Sydney, Australia

View on infosec-jobs.com