Yikes! New Hack on Old Software
Seems a nasty Russian hacking outfit has exploited a vulnerability in Roundcube, a widely-used webmail app, to take over servers. They did it with a seemingly innocuous e-mail created to appear to be from Microsoft's Outlook team, with guidance on ways to get the most out of your Outlook software.
It appears Roundcube's creators are patching that hole, but it's likely more remain. With the sheer amount of code that goes into modern software, and the way that different parts of the software interact and the incentives for bad actors to find gaps in security systems, it's inevitable that this will be a whack-a-mole process.
It appears Roundcube's creators are patching that hole, but it's likely more remain. With the sheer amount of code that goes into modern software, and the way that different parts of the software interact and the incentives for bad actors to find gaps in security systems, it's inevitable that this will be a whack-a-mole process.