Winter Vivern Threat Group Has Targeted Zimbra Email Servers Worldwide

Feds offer details on Scattered Spider, Israeli PD sentenced to over six years for hacking campaigns, FTC raps prison telecom provider for bad security, The wide impacts of Appin, much more

Publishing notice: Metacurity will be on a publishing break starting November 20. Barring any significant cybersecurity developments, we resume publication on November 27.

Given that this is the season of gratitude in the US, I thank our readers for your support. I would particularly like to thank our paid subscribers for their generosity, which motivates me to continue with this newsletter. I am in your debt.

For my readers who are not yet paid supporters, consider tapping into your own spirit of generosity and becoming a paid subscriber today.

Image by Gerd Altmann from Pixabay

Google's Threat Analysis Group said it discovered and worked to help patch an email server flaw, CVE-2023-37580, targeting email server Zimbra Collaboration, which was by threat group Winter Vivern used to steal email data, user credentials, and authentication tokens from governments in Greece, Moldova, Tunisia, Vietnam, and Pakistan.

The attacks began in Greece last June using phishing emails sent to a governme…