Bill Toulas reports:
Microsoft’s Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 (aka “Fancybear” or “Strontium”) actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information.
The targeted entities include government, energy, transportation, and other key organizations in the United States, Europe, and the Middle East.
The tech giant also highlighted the exploitation of other vulnerabilities with publicly available exploits in the same attacks, including CVE-2023-38831 in WinRAR and CVE-2021-40444 in Windows MSHTML.
CVE-2023-23397 is a critical elevation of privilege (EoP) vulnerability in Outlook on Windows, which Microsoft fixed as a zero-day on the March 2023 Path Tuesday.
Read more at Bleeping Computer.