Techly NewsGet the app

Get the latest tech news

Attackers exploit critical Zimbra vulnerability using cc’d email addresses


When successful, attacks install a backdoor. Getting it to work reliably is another matter.

Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. When an admin manually changes default settings to enable the postjournal service, attackers can execute commands by sending maliciously formed emails to an address hosted on the server. In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware.

Get the Android app

Or read this on ArsTechnica

Read more on:

Photo of attackers

attackers

Photo of cc’d

cc’d

Photo of cc’d email addresses

cc’d email addresses

Related news:

News photo

Kia dealer portal flaw could let attackers hack millions of cars

News photo

YubiKey vulnerability will let attackers clone the authentication device

News photo

Defenders think in lists, attackers think in graphs (2015)

« Tracking the historical events that lead to the interweaving of knowledge (2021)
The creepy Crow Country is coming to Nintendo Switch on October 16 »