Researchers have unearthed a dangerous backdoor in Microsoft's Outlook Web Application (OWA) that has allowed hackers to steal e-mail authentication credentials from major organizations.
The Microsoft Outlook Web Application or OWA is an Internet-facing webmail server that is being deployed in private companies and organisations to provide internal emailing capabilities.
Researchers from security vendor Cybereason discovered a suspicious DLL file loaded into the company's OWA server that siphoned decrypted HTTPS server requests.
Although the file had the same name as another benign DLL file, the suspicious DLL file was unsigned and loaded from another directory.
The Microsoft Outlook Web Application or OWA is an Internet-facing webmail server that is being deployed in private companies and organisations to provide internal emailing capabilities.
Researchers from security vendor Cybereason discovered a suspicious DLL file loaded into the company's OWA server that siphoned decrypted HTTPS server requests.
Although the file had the same name as another benign DLL file, the suspicious DLL file was unsigned and loaded from another directory.
