cross-site scripting, e-mail, Security technology, Uncategorized, vulnerabilities, zero-day
Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world. TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. Most of this activity occurred after the initial fix became public on Github. To … Read More “Email Security Flaw Found in the Wild” »