Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://poa.st/objects/40f718f2-902f-4bd0-9a5d-9da56450a9a6">Aether ??? (aether@poa.st)'s status on Thursday, 03-Oct-2024 20:57:22 JST</a><a href="https://poa.st/users/Aether" title="aether@poa.st"><img src="https://gnusocial.jp/avatar/3119-48-20220802142317.webp" width="48" height="48" alt="Aether ???" style="position: absolute; left: 0; top: 0;">Aether ???</a></section><article>If you run a Zimbra server, which you probably don't, it's time you patched it.<br><br><a href="https://arstechnica.com/security/2024/10/attackers-exploit-critical-vulnerability-recently-patched-in-zimbra-servers/">arstechnica.com/security/2024/10/attackers-exploit-critical-vulnerability-recently-patched-in-zimbra-servers/</a><br><br>Nasty exploit in the wild.</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3767454#notice-7373610">In conversation</a><time datetime="2024-10-03T20:57:22+09:00" title="Thursday, 03-Oct-2024 20:57:22 JST">about 5 months ago</time> <span>from <span><a href="https://poa.st/objects/40f718f2-902f-4bd0-9a5d-9da56450a9a6" rel="external" title="Sent from poa.st via ActivityPub">poa.st</a></span></span><a href="https://poa.st/objects/40f718f2-902f-4bd0-9a5d-9da56450a9a6">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: cdn.arstechnica.net</div><h5><a href="https://arstechnica.com:443/security/2024/10/attackers-exploit-critical-vulnerability-recently-patched-in-zimbra-servers/">Attackers exploit critical Zimbra vulnerability using cc’d email addresses</a></h5><div></div></header><div>When successful, attacks install a backdoor. Getting it to work reliably is another matter.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Aether ??? (aether@poa.st)'s status on Thursday, 03-Oct-2024 20:57:22 JST Aether ???
If you run a Zimbra server, which you probably don't, it's time you patched it.

arstechnica.com/security/2024/10/attackers-exploit-critical-vulnerability-recently-patched-in-zimbra-servers/

Nasty exploit in the wild.
In conversationabout 5 months ago from poa.stpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: cdn.arstechnica.net
  Attackers exploit critical Zimbra vulnerability using cc’d email addresses
  When successful, attacks install a backdoor. Getting it to work reliably is another matter.

Public

Embed Notice

HTML Code

Corresponding Notice