Tag Archives | security

Zimbra Admin Alert … Potential “memcrashd” attack

Zimbra memcached may face the “memcrashd” attack on port 11211. By default, memcached listens on a server IP address that is accessible on the network and via the internet if there is no firewall. If your Zimbra memcache servers are behind a firewall, we recommend blocking access on port 11211 from the Internet to Zimbra […]

Continue Reading

Half of All Email Systems will be Replaced in Two Years

Today, Zimbra announced the results of the Ponemon Institute’s “The Open Source Collaboration Study: Viewpoints on Security and Privacy in the U.S. and EMEA” report. Sponsored by Zimbra, the study surveyed 1,398 IT and IT security practitioners to learn about their companies’ involvement in the use of open source messaging and collaboration solutions, and their […]

Continue Reading

Microsoft Ruling a Setback to Data Privacy?

For any organization that relies on cloud-based email, there is an important legal decision that may affect your company’s data privacy. In the most recent round of judgment against Microsoft, there are noteworthy remarks from US District Judge Loretta Preska and lawyers for the US Justice Department. “It is a question of control, not a […]

Continue Reading

JavaScript Hijacking

In the past few days news sites and a few blogs have picked up a document written by Fortify Software regarding “JavaScript Hijacking”. We’ve also had a few customers and our community ask for Zimbra’s view on the topic. First and foremost we take security very seriously. We’ve talked about securing ajax in the past […]

Continue Reading

Securing Ajax

To continue the Zimbra blog series on Ajax (recent entries include Ajax innovation is about the server, Ajax optimization techniques (presented at OSCON), OpenAjax update, and Ajax’s impact on scaling), we wanted to offer some general thoughts on securing Ajax applications gleaned, of course, from our Zimbra experience. (more…)

Continue Reading

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures