Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within Exchange servers.
The tech giant attributed the intrusions to a threat actor it called Forest Blizzard (formerly Strontium), which is also widely tracked under the monikers APT28,

access accounts actor apt28 blizzard called critical email exchange exploiting flaw forest giant kremlin microsoft monday nation outlook security security flaw servers service state strontium tech threat threat actor unauthorized access under vulnerability