Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
6 résultats taggé CVE-2023-23397  ✕
Fighting Ursa Aka APT28: Illuminating a Covert Campaign https://unit42.paloaltonetworks.com/russian-apt-fighting-ursa-exploits-cve-2023-233397/
08/12/2023 09:51:33
QRCode
archive.org
thumbnail

In three campaigns over the past 20 months, Russian APT Fighting Ursa has targeted over 30 organizations of likely strategic intelligence value using CVE-2023-23397.

paloaltonetworks EN 2023 APT28 CVE-2023-23397 Outlook
BlueDelta Exploits Ukrainian Government Roundcube Mail Servers to Support Espionage Activities | Recorded Future https://www.recordedfuture.com/bluedelta-exploits-ukrainian-government-roundcube-mail-servers
20/06/2023 19:49:45
QRCode
archive.org
thumbnail

Recorded Future's Insikt Group, in partnership with Ukraine's Computer Emergency Response Team (CERT-UA), has uncovered a campaign targeting high-profile entities in Ukraine that was cross-correlated with a spearphishing campaign uncovered by Recorded Future’s Network Traffic Intelligence. The campaign leveraged news about Russia’s war against Ukraine to encourage recipients to open emails, which immediately compromised vulnerable Roundcube servers (an open-source webmail software), using CVE-2020-35730, without engaging with the attachment. We found that the campaign overlaps with historic BlueDelta activity exploiting the Microsoft Outlook zero-day vulnerability CVE-2023-23397 in 2022.

recordedfuture EN 2023 Russia-Ukraine-war Ukraine Roundcube CVE-2023-23397 CVE-2020-35730
Analysis of In-the-wild Attack Samples Exploiting Outlook Privilege Escalation Vulnerability https://ti.qianxin.com/blog/articles/Analysis-of-In-the-wild-Attack-Samples-Exploiting-Outlook-Privilege-Escalation-Vulnerability-(CVE-2023-23397)-EN/
03/04/2023 07:19:20
QRCode
archive.org

QiAnXin Threat Intelligence Center's RedDrip team tracked the relevant events and discovered a batch of attack samples exploiting the CVE-2023-23397 vulnerability. After analyzing these samples and C2 servers, we believe that the exploitation of this vulnerability in the wild has been ongoing since March 2022. In the later stages of the attack, the attackers used Ubiquiti-EdgeRouter routers as C2 servers, and the victims of the attack activity were from multiple countries.

qianxin EN 2023 qianxin CVE-2023-23397 Ubiquiti-EdgeRouter analysis
Guidance for investigating attacks using CVE-2023-23397 https://www.microsoft.com/en-us/security/blog/2023/03/24/guidance-for-investigating-attacks-using-cve-2023-23397/
27/03/2023 11:09:51
QRCode
archive.org
thumbnail

This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.

microsoft EN 2023 Guidance investigating CVE-2023-23397 Outlook
Everything We Know About CVE-2023-23397 https://www.huntress.com/blog/everything-we-know-about-cve-2023-23397?hss_channel=tw-3330464153
17/03/2023 21:07:36
QRCode
archive.org
thumbnail

Huntress is tracking CVE-2023-23397, a 0-day that impacts Microsoft Outlook and requires no user interaction to expose user credential hashes.

huntress EN 2023 CVE-2023-23397 0-day Microsoft Outlook
Microsoft patches zero-days used by state-sponsored and ransomware threat actors (CVE-2023-23397, CVE-2023-24880) https://www.helpnetsecurity.com/2023/03/14/cve-2023-23397-cve-2023-24880/
14/03/2023 23:22:37
QRCode
archive.org
thumbnail

For March 2023 Patch Tuesday Microsoft has fixed 2 vulnerabilities actively exploited in the wild (CVE-2023-23397, CVE-2023-24880).

helpnetsecurity EN 2023 PatchTuesday state-sponsored March CVE-2023-24880 CVE-2023-23397
4834 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn