all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Russian Group Targeting Exchange Flaw

Add to bookmarks
Dec. 4, 2023, 8:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Attackers associated with the notorious Russian Fancy Bear threat group are exploiting a nine-month-old vulnerability in Microsoft Exchange against targets in Poland and potentially other countries.


Researchers from the Polish Cyber Command identified the attacks and observed the attackers exploiting CVE-2023-23397, an elevation-of-privilege vulnerability in Exchange that Microsoft first disclosed in March. At the time of the disclosure, attackers had already been exploiting the vulnerability as a zero day, including in attacks against organizations in Ukraine. The vulnerability enables an …

attackers attacks bear command countries cve cve-2023-23397 cyber cyber command exchange exploiting fancy bear flaw march microsoft microsoft exchange old poland polish privilege researchers russian targeting threat threat group vulnerability

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

New Redline Version: Uses Lua Bytecode, Propagates Through GitHub 23 hours ago | malware.news
bytecode code detect found +12
Cybersecurity firm Darktrace sold to Thoma Bravo for $5.3 billion 1 day, 11 hours ago | malware.news
acquisition article cybersecurity darktrace +5
Arctic Wolf Recognized as a Leader in Frost & Sullivan Managed Detection and Response Report 1 day, 12 hours ago | malware.news
amp and response april arctic +20
CVE-2024-29204, CVE-2024-24996: Critical Vulnerabilities in Ivanti Avalanche 1 day, 12 hours ago | malware.news
april avalanche components critical +19
Showcasing Artwork by Max for Autism Awareness Month 1 day, 13 hours ago | malware.news
art article artwork autism +6
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland - SWN #381 1 day, 13 hours ago | malware.news
article cisco deepfakes flowmon +6
Kaiser Permanente notifies 13.4M patients of potential data exposure 1 day, 13 hours ago | malware.news
apps article data data exposure +16
Impact of organizational structure on ransomware outcomes: Where does your org fit in? 1 day, 13 hours ago | malware.news
article challenges core security detection +15
VA is warning veterans about Change Healthcare cyberattack, secretary says 1 day, 14 hours ago | malware.news
alerting article attack change +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Principal Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com

Security Engineer- Systems Integration

@ Meta | Bellevue, WA | Menlo Park, CA | New York City
View on infosec-jobs.com

Lead Security Engineer (Digital Forensic and IR Analyst)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Senior Principal IAM Engineering Program Manager Cybersecurity

@ Providence | Redmond, WA, United States
View on infosec-jobs.com

Information Security Analyst II or III

@ Entergy | The Woodlands, Texas, United States
View on infosec-jobs.com
View more jobs