Email giant exposes serious vulnerability, user data is stolen
2022-06-22 08:20:00 【Internet Security Research Institute】
According to foreign media reports, a serious vulnerability has been disclosed in the email giant Zimbra. Attackers can steal login information without authentication or user interaction, which means they can log in to a user's mailbox without an account or password.

Zimbra is an open source collaborative office suite that includes WebMail, a calendar, an address book, and web document management and authoring. Its most notable feature is that it uses Ajax to imitate the style of client/server desktop applications, and it is compatible with the Firefox, Safari and IE browsers. Its products are used all over the world, widely in national and regional governments, organizations, and the financial and education sectors.
The researchers found that an attacker can send a crafted HTTP request to a vulnerable Zimbra instance to overwrite the IMAP route entry for a known username. When the real user logs in, the Nginx proxy in Zimbra forwards all IMAP traffic to the attacker, including plaintext credentials.
Mail clients (such as Thunderbird, Microsoft Outlook, the macOS Mail application and smartphone mail applications) usually store the credentials the user uses to connect to their IMAP server on disk. An attacker can therefore use this vulnerability to bypass the restriction and steal the credentials of any user, without any user interaction and without knowledge of the Zimbra instance.
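One way a defender could look for the rerouting described above is to check, per user, which backend the proxy sent each IMAP login to. This is an added example, not code from the original article or from Zimbra; the key=value log format, the addresses, the mailstore range and the function name are assumptions made for illustration.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample lines in a hypothetical key=value proxy log format.
SAMPLE_LOG = """\
2022-06-20T09:00:01Z proto=imap user=alice@example.test upstream=10.0.0.11:7143
2022-06-20T09:00:07Z proto=imap user=bob@example.test upstream=10.0.0.12:7143
2022-06-20T09:05:00Z proto=http user=alice@example.test upstream=10.0.0.11:8080
2022-06-20T09:30:44Z proto=imap user=alice@example.test upstream=203.0.113.50:143
2022-06-20T09:31:10Z proto=imap user=bob@example.test upstream=10.0.0.11:7143
this line is malformed and is skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) proto=(?P<proto>\w+) user=(?P<user>\S+) "
    r"upstream=(?P<host>[\d.]+):(?P<port>\d+)$"
)

def find_rerouted_logins(log_text, mailstore_nets):
    """Return (timestamp, user, upstream, reason) for suspicious IMAP routes."""
    nets = [ip_network(n) for n in mailstore_nets]
    last_seen = {}  # user -> upstream host of that user's previous IMAP login
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["proto"] != "imap":
            continue  # only IMAP routing decisions are of interest here
        user, host = m["user"].lower(), m["host"]
        upstream = f"{host}:{m['port']}"
        try:
            addr = ip_address(host)
        except ValueError:
            findings.append((m["ts"], user, upstream, "invalid-upstream"))
            continue
        if not any(addr in n for n in nets):
            # Traffic, including the login, left the known mailstore range.
            findings.append((m["ts"], user, upstream, "outside-mailstore-range"))
        elif user in last_seen and last_seen[user] != host:
            # May be a legitimate mailbox move; worth correlating with changes.
            findings.append((m["ts"], user, upstream, "backend-changed"))
        last_seen[user] = host
    return findings

if __name__ == "__main__":
    for finding in find_rerouted_logins(SAMPLE_LOG, ["10.0.0.0/24"]):
        print(finding)
```

Any login flagged `outside-mailstore-range` means the password used for it should be treated as exposed and rotated.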
The study found that nearly 80% of data leaks are related to e-mail. For government or enterprise email, which carries confidential documents and transmits key information, security is even more important.
Email encryption protects mail data security
If a user's mail data is sent and received in clear text (unencrypted), an attacker will steal all of the user's mail data. Therefore, mail needs to be encrypted with high strength.
When e-mail is sent over the Internet, it travels through unprotected communication channels and is relayed through multiple servers before it reaches the recipient, so the mail account, the password and the content itself can all be intercepted. To better protect email security, the message needs to be encrypted.
Vulnerabilities are everywhere, and protective measures are needed
Network technologies, operating systems and application software all in fact contain vulnerabilities, which is why they often need to be updated. Although vulnerabilities cannot be eliminated, the risks they bring can be greatly reduced through management and technical protection measures.
Mail attacks may cause larger-scale leaks for enterprises
Both servers and email clients are vulnerable to malware. Users are susceptible to phishing or forged emails, where a click launches a malicious program. When the email server is infected, the stability of the entire internal system is threatened, leading to data leaks or to malware hiding in the system and continuously stealing emails and more data.