New OWA attack steals Outlook passwords

Businesses beware. Security firm Cybereason researchers recently discovered a backdoor in Microsoft’s Outlook Web Application (OWA)  that steals passwords. Dan Godin of Ars Technica reported this morning:

Researchers have uncovered advanced malware that can steal virtually all of a large organization’s e-mail passwords by infecting its Outlook Web Application (OWA) mail server over an extended period of time.

http://darkmatters.norsecorp.com/2015/10/05/new-owa-attack-steals-outlook-passwords/?mkt_tok=3RkMMJWWfF9wsRojvK%2FPZKXonjHpfsX66uUoWKWzlMI%2F0ER3fOvrPUfGjI4FS8VrI%2BSLDwEYGJlv6SgFTLjEMa9u1rgPUhI%3D