Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says
Chinese Hackers Target European Diplomats with LNK File FlawChinese nation-state hackers are exploiting a Windows vulnerability to hack European diplomatic outposts, say security researchers - but operating system giant Microsoft says the flaw doesn't merit a patch. Hackers used a flaw already compromised by North Korea and Russia.
The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. [...]
ESET Discovers Two Major Vulnerabilities Exploited by Russian RomCom Hacking GroupTwo vulnerabilities in Mozilla products and Windows are actively exploited by RomCom, a Kremlin-linked cybercriminal group known for targeting businesses and conducting espionage, warn security researchers from Eset. Exploiting the two flaws together enables attackers to execute arbitrary code.
Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. [...]
Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. [...]
In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn’t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of
APT28 Used Hacked Ubiquiti Routers for Hashed Password Relay AttacksA campaign by Russian military intelligence to convert Ubiquiti routers into a platform for a global cyberespionage operation began as early as 2022, U.S. and foreign intelligence agencies said. The U.S. disrupted a botnet built by a hacking unit of Russian military's Main Intelligence Directorate.
Microsoft has patched an Outlook zero-day vulnerability (CVE-2023-23397) exploited by a hacking group linked to Russia's military intelligence service GRU to target European organizations. [...]
Ukraine's Computer Emergency Response Team (CERT) is warning that the Russian hacking group Sandworm may be exploiting Follina, a remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) currently tracked as CVE-2022-30190. [...]