Russia-linked APT28 attackers already abusing new Microsoft Office zero-day


Russia-linked attackers are already exploiting Microsoft’s latest Office zero-day, with Ukraine’s national cyber defense team warning that the same bug is being used to target government agencies inside the country and organizations across the EU.

In an alert published on Sunday, CERT-UA says the activity is being driven by UAC-0001, better known as “APT28” or “Fancy Bear”, and hinges on CVE-2026-21509, a security feature bypass bug in Microsoft Office that Microsoft disclosed last week alongside a warning that attackers were already exploiting it in the wild.

Read more…
Source: The Register News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • AMD Acknowledges Newly Disclosed Flaws In Its Processors — Patches Coming Soon

    March 20, 2018

    MD has finally acknowledged 13 critical vulnerabilities, and exploitable backdoors in its Ryzen and EPYC processors disclosed earlier this month by Israel-based CTS Labs and promised to roll out firmware patches for millions of affected devices ‘in the coming weeks.’ According to CTS-Labs researchers, critical vulnerabilities (RyzenFall, MasterKey, Fallout, and Chimera) that affect AMD’s Platform Security ...

  • Phishing still number one method for cyber-attacks

    March 16, 2018

    Microsoft has just released its annual cybersecurity report and it says that phishing is still the most popular way for cyber-criminals to attack, giving security experts everywhere headaches. To create the report, Microsoft scanned more than 400 billion emails, 450 billion authentications and 1.2 billion devices. More than half (53 per cent) of all email threats are phishing ...

  • Ransomware: Get ready for the next wave of destructive cyberattacks

    February 26, 2018

    It might look to be out of the limelight compared to 2017, but it would be foolish to write ransomware off yet, as more attacks using the file-encrypting malware are ahead. High profile incidents like WannaCry, NotPetya and Bad Rabbit made ransomeware infamous last year. WannaCry and NotPetya have since both been attributed to be the work of nation-states – the former to North ...

  • Hackers are selling legitimate code-signing certificates to evade malware detection

    February 22, 2018

    Security researchers have found that hackers are using code-signing certificates more to make it easier to bypass security appliances and infect their victims. New research by Recorded Future’s Insikt Group found that hackers and malicious actors are obtaining legitimate certificates from issuing authorities in order to sign malicious code. Read more… Source: ZDNet  

  • Bot and drone misuse could lead to cybercrime explosion

    February 21, 2018

    The rapid development of drones and artificial intelligence is a “game-changer” that will present a serious threat to national security if it isn’t addressed. The assessment, made by 26 experts from institutions including Cambridge and Oxford Universities, warns of the potential for malicious use of artificial intelligence (AI) by rogue states, criminals, and terrorists. The panel forecast ...

  • Reported Critical Vulnerabilities In Microsoft Software On the Rise

    February 15, 2018

    The number of reported vulnerabilities in Microsoft software has mounted from 325 in 2013 to 685 last year, a rise of 111 percent, according to new research. Moreover, there has also been a 54 percent increase in critical Microsoft vulnerabilities since 2016, researchers at Avecto said in their report, which is based on data from Microsoft’s Security ...