German Foreign Minister Says Russia will Face Consequences for Monthslong Cyber Espionage

May 4, 2024 at 07:57AM German officials accused Russian military agents of hacking Chancellor Olaf Scholz’s party and other sensitive targets, with NATO and European countries joining in condemning Russia’s cyberespionage actions. The hacking, attributed to Russian military cyber operators, targeted emails and institutions over several months. International efforts shut down the botnet used by … Read more

Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities

May 4, 2024 at 05:30AM Czechia and Germany were targeted by a long-term cyber espionage campaign by Russia-linked APT28, utilizing a security flaw in Microsoft Outlook. The attack compromised email accounts and targeted various industry verticals. The European Union, NATO, U.K., and U.S. condemned the cyber campaign. Additionally, there were reports of DDoS attacks and … Read more

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

January 29, 2024 at 09:17AM A Microsoft Outlook security flaw, CVE-2023-35636, could expose NTLM v2 hashed passwords through a specially crafted file, recently patched by Microsoft. Attackers could exploit it via email or web, convincing users to open the file or click a link. Varonis researcher Dolev Taler reported the bug, highlighting potential leakage vulnerabilities. … Read more

Russian Espionage Group Hammers Zero-Click Microsoft Outlook Bug

December 8, 2023 at 01:52PM The espionage group Fighting Ursa, also known as Forest Blizzard or Fancy Bear, has been targeting government agencies in NATO countries, the UAE, and Jordan. They are using a zero-click vulnerability in Microsoft Outlook to compromise systems. This APT has targeted at least 30 organizations and continues to pose a … Read more

Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

December 5, 2023 at 03:12AM Microsoft identified activity by Russian-supported threat group Forest Blizzard (also known as APT28 and other names) exploiting a severe Outlook security flaw, CVE-2023-23397, to access email accounts on Exchange servers. The group targeted various sectors and used the bug to maintain unauthorized mailbox access. Microsoft patched the bug in March … Read more

Cloudflare website downed by DDoS attack claimed by Anonymous Sudan

November 10, 2023 at 10:32AM Cloudflare’s website experienced a distributed denial-of-service (DDoS) attack by Anonymous Sudan. The attack only affected the website and did not impact other services. Cloudflare confirmed that the outage was caused by a DDoS attack but did not attribute it to a specific threat actor. Anonymous Sudan has also claimed … Read more