Hackers Exploiting High-Severity Zimbra Flaw to Steal Email Account Credentials

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Post Sharing


It is now possible for hackers to identify and attack vulnerable instances; all credit goes to the opportunity provided by this. As a result of stealing the credentials from a Zimbra account, they are able to do the following things:-

  • Access the email server
  • Making spear-phishing easier by removing the barriers to entry
  • Social engineering
  • BEC (Business Email Compromise) attacks

Zimbra Collaboration is used by a variety of organizations, including the following:- 

  • The number of businesses in the network exceeds 200,000.
  • The number of state entities exceeds 1,000.
  • In 140 countries, they support critical organizations.

In spite of all the recommendations made by CISA, all Federal agencies in the U.S. need to apply the security updates available to them as soon as possible until August 25, 2022, since it’s the final deadline.

Moreover, apart from the Federal agencies, CISA has also recommended all non-federal agencies and organizations immediately apply the security updates to avoid any exploitation.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates.