Archive | Security & Privacy

Zimbra Admin Reminder … Block “memcrashd” Port 11211

Hello Zimbra Friends & Admins, This is a friendly reminder that Zimbra memcached may face the “memcrashd” attack on port 11211. By default, memcached listens on a server IP address that is accessible on the network and via the internet if there is no firewall. If your Zimbra memcache servers are behind a firewall, we […]

Continue Reading 0

Zimbra Wiki to Latest Patches & More!

Hello Zimbra Friends,   Looking for the latest Zimbra Patch?   This Zimbra wiki page lists all Zimbra product releases with a link to the current Patch: https://wiki.zimbra.com/wiki/Zimbra_Releases   Click a Patch link for additional details + installation instructions. Important Patch install info: Patches are cumulative, so you usually don’t need to install any prior patches. […]

Continue Reading

[REPOST] Recent Zimbra XXE / SSRF Vulnerability Disclosure

This is a reposting of Rene’s original blog announcement on March 18, 2019. Please read and be sure that your Zimbra Patches are up-to-date! Hello Zimbra Friends, Background The Zimbra Security team has been working with security researcher An Trinh in advance of his recently-published blog post. In the blog, Trinh details his findings regarding […]

Continue Reading

Install Zimbra Patches!

Zimbra releases software patches about every 4 weeks. Please install these patches … they are IMPORTANT to keep your Zimbra environment running smoothly. Patches address security vulnerabilities, software improvements, bug fixes and so much more. If you don’t install every patch, your Zimbra deployment could be at risk. Click here to see the latest Zimbra […]

Continue Reading

Want Data Sovereignty + Regional Regulation Peace of Mind?

Zimbra customers do. They want to… Host their own communications for improved confidentiality Have complete control over all settings Be able to customize the domain name of their messaging Our customers have always valued Zimbra’s security and privacy features. Now we are finding that more and more of our customers are choosing Zimbra for data […]

Continue Reading

Two Thirds of Fortune 500 Companies Miss The Mark On Email Security … Do You?

This week, Axios reported … Fortune 500 companies are doing … a lousy job at email security. 330 out of the Fortune 500 companies do not have computers set up to prevent sending fraudulent emails in a firm’s name. If these resource-rich companies have not implemented simple steps to beef up their email security, chances are that […]

Continue Reading