all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Winter Vivern APT Targets Zero Day in Roundcube

Add to bookmarks
Oct. 25, 2023, 1:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

A relatively new attack group that has targeted European and Asian government organizations for several months has been exploiting a zero day XSS vulnerability in the open source Roundcube webmail server software in recent weeks.


The group is known as Winter Vivern, and researchers from several organizations have been tracking its activities since at least 2020. Many of the group’s targets have been government agencies, think tanks, and other government-connected organizations, and Winter Vivern has shown a propensity for …

apt attack exploiting government open source organizations researchers roundcube roundcube webmail server software tracking vulnerability webmail winter winter vivern xss

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Cyberattack against United Russia claimed by Ukraine 36 minutes ago | malware.news
attack cyberattack distributed initiative +14
US jails former NSA employee for attempting secret sale to Russia 36 minutes ago | malware.news
agency article confidential defense +25
Better identity threat detection sought by new Semperis ML-based tool 36 minutes ago | malware.news
and response article detection detection and response +27
Red Hat's latest enterprise Linux delivers new features to tackle hybrid-cloud complexity an hour ago | malware.news
addition article cloud complexity +13
NASA doesn't know if its spacecraft have adequate cyber defenses, GAO warns an hour ago | malware.news
agency article best practices cyber +11
US warns of Russian hackers targeting operational technology in water systems 2 hours ago | malware.news
advisory breached hackers official +10
Senators grill UnitedHealth CEO on Change Healthcare cyberattack 2 hours ago | malware.news
article ceo change change healthcare +13
‘Uncharted Territory:’ Companies Devise AI Security Policies 3 hours ago | malware.news
ai security businesses companies don +14
Significant drop recorded in FBI searches of Section 702 database 3 hours ago | malware.news
act agency database fbi +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs