Russia's APT28 exploited a Microsoft Outlook security flaw in Czech and German cyber espionage campaigns, targeting political entities and critical infrastructure. The flaw, CVE-2023-23397, allowed access to Net-NTLMv2 hashes, leading to email account compromises, affecting industries like logistics, armaments, and IT services. APT28, linked to the Russian GRU, has a history of cyber activities globally, triggering responses from EU, NATO, UK, and US
The group's recent exploitation of a Microsoft Windows Print Spooler bug and involvement in election interference underscore its threat to democratic processes. The US, EU, and NATO have condemned Russia's cyber actions, highlighting the need for cybersecurity measures to protect critical infrastructure and democratic systems. https://thehackernews.com/2024/05/microsoft-outlook-flaw-exploited-by.html