On August 18, MS-ISAC and CISA released a cybersecurity advisory warning about Common Vulnerabilities and Exposures (CVEs) that they claim are "currently being exploited" against the Zimbra Collaboration Suite (ZCS).

The report claims that hostile online actors have targeted unpatched ZCS software versions.

Users and administrators are urged to follow the recommendations of the cybersecurity alert in order to assist protect their organization's systems against the hostile cyber activity, according to the advisory.

According to the advisory, "CISA and the MS-ISAC encourage organizations that did not update their ZCS instances as soon as the patch was released.

As they continue to search for compromised susceptible systems, CISA and the MS-ISAC declared they will keep the public informed of any potential Indications of Compromise (IOCs).

Additionally, they provided a list of actions ZCS administrators might take to lessen intrusions or find compromised systems, including:

Patch all systems, with known exploited vulnerabilities receiving priority;

#1

Implement detection signatures, look for signs of compromise (IOCs), and

#2

In the event that ZCS was hacked, stop malicious activities.

#3