TechRepublic
New Microsoft Exchange credential stealing malware could be worse than phishing – While looking for additional Exchange vulnerabilities in the wake of this years zero-days, Kaspersky found an IIS add-on that harvests credentials from OWA whenever, and wherever, someone logs in. …