Tag

Roundcube

All articles tagged with #roundcube

cyber-espionage-vulnerability · 1 year ago

Russian Hackers Exploit Roundcube Flaws to Target European Organizations

Russian-linked hackers, identified as Winter Vivern, exploited cross-site scripting vulnerabilities in Roundcube webmail servers to target over 80 organizations primarily in Georgia, Poland, and Ukraine, with the goal of collecting intelligence on European political and military activities. The campaign, attributed to Threat Activity Group 70 (TAG-70), involved sophisticated attack methods, including social engineering techniques and the exploitation of Roundcube flaws to exfiltrate user credentials to a command-and-control server. The hackers have also targeted Iranian embassies in Russia and the Netherlands, as well as the Georgian Embassy in Sweden, indicating a broader geopolitical interest in assessing diplomatic activities and monitoring geopolitical aspirations.

cybersecurity · 2 years ago

"Massive Cyber Espionage Campaign Targets European Governments with Webmail Zero-Day Exploit"

Pro-Russia hackers known as Winter Vivern have been exploiting a zero-day vulnerability in Roundcube, a widely used webmail software, to target governmental entities and a think tank in Europe. The vulnerability allowed the hackers to inject JavaScript into the Roundcube server application, triggering the server to send emails from selected targets to a server controlled by the threat actor. The attacks began on October 11 and were detected by security firm ESET, which promptly reported the vulnerability to Roundcube developers. Winter Vivern has previously targeted US government officials and has been active since at least 2020, primarily focusing on Europe and Central Asia. Users of Roundcube are advised to ensure they are running a patched version of the software.

cybersecurity · 2 years ago

Zero-Day Exploits: European Governments and Russian Organizations Targeted in Roundcube Webmail Hacks

The Winter Vivern Russian hacking group has been exploiting a zero-day vulnerability in Roundcube Webmail to target European government entities and think tanks since October 11. The vulnerability allowed the group to remotely inject arbitrary JavaScript code into Roundcube email servers, enabling them to harvest and steal emails. The Roundcube development team released security updates to fix the vulnerability after it was reported by ESET researchers. Winter Vivern has previously targeted government organizations using known vulnerabilities in Roundcube and Zimbra email servers. The group's persistence and regular phishing campaigns pose a significant threat to European governments.