Dozens of European orgs targeted by Russian attacks exploiting Roundcube flaws

At least 80 critical infrastructure, government, and military organizations across Europe, especially those in Ukraine, Poland, and Georgia, were targeted in October attacks by the Russian hacking operation TAG-70, also known as Winter Vivern, UAC-0014, and TA473, which exploited cross-site scripting vulnerabilities in Roundcube email servers, SecurityWeek reports.

Aside from exploiting the Roundcube XSS flaws, TAG-70 also used social engineering techniques to facilitate intelligence gathering on military and political activities from the email servers in a bid to potentially compromise security across Europe, according to a report from Recorded Future. Attackers may also be moving to target communication channels amid the ongoing war between Russia and Ukraine. "Belarus and Russia-aligned cyber-espionage groups will almost certainly continue, if not expand, targeting webmail software platforms, including Roundcube, while the conflict in Ukraine continues and while tensions with the EU and NATO remain high," said researchers.
