Beware of fraudulent activities using the newly launched .zip and .mov top-level domains. Phishing attacks have already targeted well-known brands like Microsoft and Okta. Apart from phishing, the new .zip and .mov TLDs have also been used for various malicious purposes like hosting zip bombs, redirecting to YouTube videos, and offering file compression services. Here […]
Tag Archives | security
Zimbra advanced mobile device management with Scalefusion MDM
Zimbra 10 is natively supported in Scalefusion Mobile Device Management (MDM). When used together Zimbra and Scalefusion gives your IT teams visibility and control required to secure, manage and monitor any corporate-owned or employee-owned devices that access corporate data. This includes mobile devices (Android and IOS) and managed Windows devices such as laptops. In other words with […]
10 steps to check Zimbra server for compromise
Hackers often install webshells on onpatched Zimbra systems and then wait for some time before actually abusing the compromised system. Especially on systems where critical security patches where installed too late, it may seem all was OK, where in fact a hacker has already gained access to the system, but did not do any other […]
Zimbra Referrer-Policy best practice
The “Referer” header is a HTTP header that is added by the web browser whenever a request is made. A Zimbra user who receives an email with links or images in the Zimbra web interface may unknowingly share information of the Zimbra server when clicking the link or viewing inline-images. For example when an email […]
Did you know? Zimbra HTTP Strict Transport Security (HSTS)
The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. What does HSTS do for improving security? You have HSTS configured on Zimbra and have configured a correct TLS […]
Protecting Zimbra with Sucuri web application firewall
You can enhance the security of your Zimbra servers by using a web application firewall (WAF). By using a web application firewall you can add the following protections to Zimbra: Geo blocking, geo fencing Blocking or allow IP addresses Emergency DDoS protection Block anonymous proxies Block top three attack countries Manage HTTP Security Headers Limited […]