all InfoSec news
Russian Group Targeting Exchange Flaw
Malware Analysis, News and Indicators - Latest topics malware.news
Attackers associated with the notorious Russian Fancy Bear threat group are exploiting a nine-month-old vulnerability in Microsoft Exchange against targets in Poland and potentially other countries.
Researchers from the Polish Cyber Command identified the attacks and observed the attackers exploiting CVE-2023-23397, an elevation-of-privilege vulnerability in Exchange that Microsoft first disclosed in March. At the time of the disclosure, attackers had already been exploiting the vulnerability as a zero day, including in attacks against organizations in Ukraine. The vulnerability enables an …
attackers attacks bear command countries cve cve-2023-23397 cyber cyber command exchange exploiting fancy bear flaw march microsoft microsoft exchange old poland polish privilege researchers russian targeting threat threat group vulnerability