Dec 12, 2023NewsroomCyber Espionage / Malware The Russian nation-state threat actor known as APT28 has been observed making use of lures related to the ongoing Israel-Hamas war to facilitate the delivery of a custom backdoor called HeadLace. IBM X-Force is tracking the adversary under the name ITG05, which is also known as BlueDelta, Fancy Bear, […]
Russian APT28 hackers, also known as Fancy Bear, exploited a Microsoft Outlook zero-day vulnerability to target European NATO member countries, including a NATO Rapid Deployable Corps.
Microsoft warned that the Russian state-sponsored hacker group APT28 is actively exploiting vulnerabilities in Outlook, WinRAR, and Windows MSHTML to hijack Microsoft Exchange accounts and steal sensitive information.
The Russian APT28 hacking group, also known as ‘Strontium’ or ‘Fancy Bear,’ has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021.