all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Zimbra zero-day exploited to steal government emails by four groups

Add to bookmarks
Nov. 16, 2023, 8:49 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments. Google Threat Analysis Group (TAG) researchers revealed that a zero-day vulnerability, tracked as CVE-2023-37580 (CVSS score: 6.1), in the Zimbra Collaboration email software was exploited by four different threat actors to steal email data, user credentials, and authentication tokens […]

analysis apt breaking news collaboration cve cve-2023-37580 cvss email emails exploited google google tag google threat analysis group government hacking information security news it information security pierluigi paganini researchers score software steal tag threat threat actors threat analysis threat analysis group vulnerability xss zero-day zero-day vulnerability zimbra zimbra collaboration suite

Visit resource

More from securityaffairs.co / Security Affairs

Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia 4 hours ago | securityaffairs.co
agency breaking news classified colorado +16
Cuttlefish malware targets enterprise-grade SOHO routers 4 hours ago | securityaffairs.co
authentication black lotus black lotus labs cloud +26
A flaw in the R programming language could allow code execution 6 hours ago | securityaffairs.co
arbitrary code arbitrary code execution breaking news code +22
Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall 14 hours ago | securityaffairs.co
apt bypass china china great firewall +21
Notorious Finnish Hacker sentenced to more than six years in prison 1 day, 1 hour ago | securityaffairs.co
aleksanteri kivimäki breaking news center cyber crime +17
CISA guidelines to protect critical infrastructure against AI-based threats 1 day, 5 hours ago | securityaffairs.co
agency ai ai risks analysis +27
NCSC: New UK law bans default passwords on smart devices 1 day, 15 hours ago | securityaffairs.co
april ban bans breaking news +29
The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user … 1 day, 17 hours ago | securityaffairs.co
access breaking news carriers communications +19
Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023 2 days, 2 hours ago | securityaffairs.co
android apps breaking news google +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs