Security News > 2023 > December > Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability
2023-12-05 06:59
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a critical security flaw in its Outlook email service to gain unauthorized access to victims' accounts within Exchange servers. The tech giant attributed the intrusions to a threat actor it called Forest Blizzard (formerly Strontium), which is also widely tracked under the monikers APT28,
News URL
https://thehackernews.com/2023/12/microsoft-warns-of-kremlin-backed-apt28.html
Related news
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Microsoft warns of CPU spikes when typing in classic Outlook (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Microsoft announces fix for CPU spikes when typing in Outlook (source)
- Microsoft fixes Outlook on the web search issues, failures (source)
- Microsoft fixes Outlook paste, blank calendar rendering issues (source)
- Week in review: Microsoft patches 5 actively exploited 0-days, recently fixed Chrome vulnerability exploited (source)
- Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise (source)