CEO Truong Anh Tuan of Information Solutions Joint Stock Company (iWay) has just shared about the risks in the recently discovered Zero-day information security vulnerability in the Zimbra mail system.
This is a vulnerability reported by the Department of Information Security (Ministry of Information and Communications) in official dispatch No. 2216 /CATTT-NCSC sent to the agency responsible for information security of state agencies and state-owned enterprises. large banks and financial institutions. This vulnerability has a relatively large level of impact, which can lead to widespread attacks worldwide
According to Mr. Tuan, hackers can exploit Zero-day vulnerabilities in cyber attacks to steal email data, user authentication information, and authentication tokens to steal data and destroy the system. system, financial theft, terrorism With thousands of businesses and organizations using the Zimbra email service, they can all become targets for hackers to attack Zero-day vulnerabilities to data theft, distributed denial of service (DDoS) attacks, or malware installation.
Therefore, Mr. Tuan said businesses and organizations should take several measures to minimize the risk of being attacked by Zero-day vulnerabilities such as using security solutions such as firewalls and anti-spyware. regular security checks; train staff on security threats; apply enhanced security measures; Regularly monitor information channels of suppliers as well as agencies and organizations responsible for network information security to promptly update patches for systems and applications in use.
Mr. Tuan also acknowledged that ensuring and maintaining a safe and stable IT system is a challenge for many businesses and organizations, especially having an IT workforce with sufficient knowledge and skills is a challenge for many businesses and organizations. very difficult. Businesses and organizations that lack an IT team that understands and has in-depth knowledge of Zimbra, can hire expert services from reputable companies to deploy consulting and customization services (if necessary). , installation, training, system conversion, warranty, and maintenance against Zero-day attacks.
One of the expert services that can be mentioned is iWay, which has experience with Zimbra for nearly 20 years and is present in groups discussing and monitoring security vulnerabilities, including Zero-day vulnerabilities. Therefore, when a vulnerability is discovered, the company and the community work to fix it. All iWay customers are updated with the latest patch, ensuring the vulnerability is fixed as soon as possible.