zigzag3143
Contributor, Sysnative Staff Emeritus
- Mar 27, 2012
- 3,741
Researchers have uncovered advanced malware that can steal virtually all of a large organization's e-mail passwords by infecting its Outlook Web Application (OWA) mail server over an extended period of time.
Researchers from security firm Cybereason discovered the malicious OWA module after receiving a call from an unnamed company that had more than 19,000 endpoints. The customer had witnessed several behavioral abnormalities in its network and asked Cybereason to look for signs of an infection. Within a few hours, the security firm found a suspicious DLL file loaded into the company's OWA server. While it contained the same name as a benign DLL file, this one was unsigned and was loaded from a different directory.
New Outlook mailserver attack steals massive number of passwords | Ars Technica
Researchers from security firm Cybereason discovered the malicious OWA module after receiving a call from an unnamed company that had more than 19,000 endpoints. The customer had witnessed several behavioral abnormalities in its network and asked Cybereason to look for signs of an infection. Within a few hours, the security firm found a suspicious DLL file loaded into the company's OWA server. While it contained the same name as a benign DLL file, this one was unsigned and was loaded from a different directory.
New Outlook mailserver attack steals massive number of passwords | Ars Technica