Fighting Ursa Luring Targets With Car for Sale

Russian APT Fighting Ursa (APT28) used compelling luxury car ads as a phishing lure, distributing HeadLace backdoor malware to diplomatic targets.

Unit 42

In a report by the Palo Alto Networks Unit 42 researchers, they detail recent activity from the #FightingUrsa (aka #APT28 or #FancyBear) threat group surrounding the #Microsoft Outlook zero-day (CVE-2023-23397), which does "not require a user interaction to exploit". The group targeted 14 nations, which included NATO members, Ukraine, and UAE, and they target multiple industries and organizations. They provide insight into the CVE itself, how the adversary is leveraging it, and information on what you can do to help protect yourself! A great article as always! Enjoy and Happy Hunting!

Fighting Ursa Aka APT28: Illuminating a Covert Campaign
https://unit42.paloaltonetworks.com/russian-apt-fighting-ursa-exploits-cve-2023-233397/

Don't forget: A Cyborg Security Free Community Edition Hunt Package to get you started hunting for this threat!

Abnormal Execution of WebDav DLL via Rundll32 - Potentially Malicious Link or Exploitation
https://hunter.cyborgsecurity.io/research/hunt-package/062ae7c6-3e3d-401c-8797-1df3218f3e47

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

In three campaigns over the past 20 months, Russian APT Fighting Ursa has targeted over 30 organizations of likely strategic intelligence value using CVE-2023-23397.

Unit 42