Thursday, November 9, 2023
HomeCyber SecurityRoundcube zero-day exploited in assaults on European governments – Week in safety...

Roundcube zero-day exploited in assaults on European governments – Week in safety with Tony Anscombe


Video

The zero-day exploit deployed by the Winter Vivern APT group solely requires that the goal views a specifically crafted message in an online browser

This week, ESET analysis described how the Winter Vivern APT group has been exploiting a zero-day XSS vulnerability in Roundcube Webmail servers to focus on European governmental entities and a assume tank. ESET researchers uncovered the assaults on October 11th whereas monitoring Winter Vivern’s cyberespionage operations, which usually take intention at governments in Europe and Central Asia. They promptly reported the safety loophole to the Roundcube workforce on October 12th, who launched safety updates for the vulnerability 4 days later.

The safety flaw (CVE-2023-5631) might be exploited by way of specifically crafted electronic mail messages. Organizations are strongly advisable to replace their installations of Roundcube Webmail to the newest model post-haste.

Discover out extra within the video and in our blogpost.

Join with us on FbTwitterLinkedIn and Instagram.





Supply hyperlink

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments