You might be interested in …

[SANS ISC] CVE-2019-9670: Zimbra Collaboration Suite XXE vulnerability, (Sat, Jun 26th)

All posts, Sans-ISC

This XML External Entity injection (XXE) vulnerability disclosed in March 2019 is still actively scanned for a vulnerable mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10. This exploit attempts to read the Zimbra configuration file that contains an LDAP password for the zimbra account. Sample Log 20210625-144918: 192.168.25.9:443-45.146.165.123:41062 data POST /Autodiscover/Autodiscover.xml HTTP/1.1 Host: […]

Read More

[ZDNet] Verizon-owned Visible acknowledges hack, confirms account manipulations

All posts, ZDNet

The company has faced overwhelming criticism from users, who took to social media to say their accounts had been hacked and used to buy phones or make other charges. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] US Has Recovered Ransom Payment Made After Pipeline Hack

All posts, Security Week

The Justice Department has recovered the majority of a multimillion-dollar ransom payment to hackers after a cyberattack that caused the operator of the nation’s largest fuel pipeline to halt its operations last month, officials said Monday. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.