all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Russian hackers exploiting Outlook bug to hijack Exchange accounts

Add to bookmarks
Dec. 4, 2023, 8:14 p.m. | Bill Toulas

BleepingComputer www.bleepingcomputer.com

Microsoft's Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 (aka "Fancybear" or "Strontium") actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information. [...]

accounts actor apt28 bug cve cve-2023-23397 exchange exploiting fancybear flaw hackers hijack information intelligence microsoft microsoft exchange outlook russian russian hackers security sensitive sensitive information sponsored state steal strontium team threat threat intelligence today warning

Visit resource

More from www.bleepingcomputer.com / BleepingComputer

HPE Aruba Networking fixes four critical RCE flaws in ArubaOS 5 hours ago | www.bleepingcomputer.com
advisory april aruba arubaos +17
DropBox says hackers stole customer data, auth secrets from eSignature service 6 hours ago | www.bleepingcomputer.com
access auth authentication breached +21
US govt warns of pro-Russian hacktivists targeting water facilities 9 hours ago | www.bleepingcomputer.com
critical critical infrastructure disrupt government +16
Panda Restaurants discloses data breach after corporate systems hack 10 hours ago | www.bleepingcomputer.com
attackers breach compromised corporate +14
French hospital CHC-SV refuses to pay LockBit extortion demand 11 hours ago | www.bleepingcomputer.com
demand extortion france french +12
CISA says GitLab account takeover bug is actively exploited in attacks 12 hours ago | www.bleepingcomputer.com
account accounts account takeover actively exploited +14
Microsoft: April Windows Server updates cause NTLM auth failures 13 hours ago | www.bleepingcomputer.com
april auth authentication customer +13
Microsoft says April Windows updates break VPN connections 14 hours ago | www.bleepingcomputer.com
april connections microsoft security +11
Qantas app exposed sensitive traveler details to random users 15 hours ago | www.bleepingcomputer.com
airways app customers exposed +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Senior Software Engineer, Security

@ Niantic | Zürich, Switzerland
View on infosec-jobs.com

Consultant expert en sécurité des systèmes industriels (H/F)

@ Devoteam | Levallois-Perret, France
View on infosec-jobs.com

Cybersecurity Analyst

@ Bally's | Providence, Rhode Island, United States
View on infosec-jobs.com

Digital Trust Cyber Defense Executive

@ KPMG India | Gurgaon, Haryana, India
View on infosec-jobs.com

Program Manager - Cybersecurity Assessment Services

@ TestPros | Remote (and DMV), DC
View on infosec-jobs.com
View more jobs