The Winter Vivern cyber spy group is exploiting an XSS zero-day vulnerability in attacks on European governments. Researchers at ESET, who discovered the activity, didn't name the specific government entities it targeted but given Winter Vivern's nexus to Russia and Belarus, they are likely to be adversaries of those countries …

  1. Doctor Syntax Silver badge

    "The exploit started with a convincing-looking phishing email that aimed to spoof the Microsoft Outlook team."

    It depends on how you parse this. Any email purporting to be from the Microsoft Outlook team convincingly looks like phishing and should be treated as such.

    1. Version 1.0 Silver badge

      "All a victim was required to do was open the email in a web browser..." but that's just a little feature added these days to make email apps get higher star ratings (an xkcd link), so many upgrades these days have options that become exploit options.

    2. Captain Scarlet

      Being on D365 I have to laugh when Microsoft's own security product MS Security (or whatever it's called this month) blocks emails from Microsoft as spam.

  2. DoContra

    Thank y'all for the heads up!

    Roundcube lists (what I used to get version info) have been down since sometime between August and September, and my install was 3 versions behind ¬¬. (Insert rant about software projects that do not have/no longer maintain announcement mailing lists; good thing I revived my tt-rss instance!)

