Roundcube zero-day exploited in attacks on European governments – Week in security with Tony Anscombe

6 months ago AndyC

Video
The zero-day exploit deployed by the Winter Vivern APT group only requires that the target views a specially crafted message in a web browser

Video

The zero-day exploit deployed by the Winter Vivern APT group only requires that the target views a specially crafted message in a web browser

Editor

27 Oct 2023

This week, ESET research described how the Winter Vivern APT group has been exploiting a zero-day XSS vulnerability in Roundcube Webmail servers to target European governmental entities and a think tank. ESET researchers uncovered the attacks on October 11th while monitoring Winter Vivern’s cyberespionage operations, which typically take aim at governments in Europe and Central Asia. They promptly reported the security loophole to the Roundcube team on October 12th, who released security updates for the vulnerability four days later.

The security flaw (CVE-2023-5631) can be exploited via specially crafted email messages. Organizations are strongly recommended to update their installations of Roundcube Webmail to the latest version post-haste.

Find out more in the video and in our blogpost.

Connect with us on FacebookTwitterLinkedIn and Instagram.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Major phishing-as-a-service platform disrupted – Week in security with Tony Anscombe

2 days ago AndyC
What makes Starmus unique? A Q&A with award-winning filmmaker Todd Miller

What makes Starmus unique? A Q&A with award-winning filmmaker Todd Miller

4 days ago AndyC
How technology drives progress: A Q&A with Nobel laureate Michel Mayor

How technology drives progress: A Q&A with Nobel laureate Michel Mayor

4 days ago AndyC
The vision behind Starmus: A Q&A with the festival’s co-founder Garik Israelian

The vision behind Starmus: A Q&A with the festival’s co-founder Garik Israelian

4 days ago AndyC

Protecting yourself after a medical data breach – Week in security with Tony Anscombe

1 week ago AndyC
The many faces of impersonation fraud: Spot an imposter before it’s too late

The many faces of impersonation fraud: Spot an imposter before it’s too late

1 week ago AndyC

You may have missed

<div>Equifax & Norton team up to bolster Australian Cyber Safety</div>

Equifax & Norton team up to bolster Australian Cyber Safety

3 hours ago AndyC
Portnox teams up with Bugcrowd for private bug bounty programme

Portnox teams up with Bugcrowd for private bug bounty programme

3 hours ago AndyC
Top 10 barriers to strategic IT success

Top 10 barriers to strategic IT success

3 hours ago AndyC
Dump the RFP to reap better outsourcing results

Dump the RFP to reap better outsourcing results

3 hours ago AndyC
The new CIO mandate: Selling AI to employees

The new CIO mandate: Selling AI to employees

3 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.