Operation GhostMail: Russian APT exploits Zimbra Webmail to Target Ukraine State Agency

Operation GhostMail: Russian APT exploits Zimbra Webmail to Target Ukraine State Agency Contents Introduction Target Phishing Email Infection Analysis Stage-1: JavaScript Loader Stage-2: Browser Stealer Infrastructure and Attribution CVE Assessment Conclusion Seqrite Coverage IOCs MITRE ATT&CK Introduction Seqrite Labs identified a targeted phishing campaign that exploits a cross-site scripting (XSS) vulnerability in Zimbra Collaboration (ZCS) […] The post Operation GhostMail: Russian APT exploits Zimbra Webmail to Target Ukraine State Agency appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.