• Top Russian military hackers target NATO using Microsoft Outlook

    From TechnologyDaily@1337:1/100 to All on Fri Dec 8 14:15:06 2023
    Top Russian military hackers target NATO using Microsoft Outlook exploits

    Date:
    Fri, 08 Dec 2023 14:08:43 +0000

    Description:
    Since Russia's war against Ukraine started, APT28 has been quite active, even targeting a NATO unit.

    FULL STORY ======================================================================

    Between April and December 2022, the NATO Rapid Deployable Corps, a NATO
    force that can quickly be deployed to command NATO forces, was targeted by Russian state-sponsored hackers.

    This is according to cybersecurity researchers Unit 42, a security arm of
    Palo Alto Networks, who noted that the hackers were after sensitive data and other valuable intelligence.

    A few weeks after the invasion of Ukraine, a threat actor known as APT28 (AKA Fancy Bear, Fighting Ursa) started abusing a zero-day vulnerability in Microsoft Outlook to target the State Migration Service of Ukraine with malware. A month later, Unit 42 says, it used the same vulnerability, tracked as CVE-2023-23397, in more campaigns. In total, networks of roughly 15 government, military, energy, and transportation organizations around Europe were targeted. The Russians were after emails with military intelligence, which might aid the country's war effort.

    NATO members under attack

    When Microsoft patched the flaw a year later, APT28 was already deep enough, had obtained enough credentials, and had established enough persistence to keep going. It expanded its campaign in May this year, when it started abusing a separate flaw, tracked as CVE-2023-29324.

    Now, Unit 42 claims all of the affected countries are NATO members, and in
    one instance, even the NATO Rapid Deployable Corps was a target.

    "Using a zero-day exploit against a target indicates it is of significant value. It also suggests that existing access and intelligence for that target were insufficient at the time," Unit 42 said. "In the second and third campaigns, Fighting Ursa continued to use a publicly known exploit that was already attributed to them, without changing their techniques. This suggests that the access and intelligence generated by these operations outweighed the ramifications of public outing and discovery.

    "For these reasons, the organizations targeted in all three campaigns were most likely a higher than normal priority for Russian intelligence."

    Via BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/top-russian-military-hackers-target-nato-using-microsoft-outlook-exploits


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)