NATO and Diplomats’ Email Portals Targeted by Russian APT Winter Vivern

31 March 2023

Winter Vivern (aka TA473), a Russian hacking group, has been exploiting vulnerabilities (CVE-2022-27926) in unpatched Zimbra instances to access the emails of NATO officials, governments, military people, and diplomats. The CVE-2022-27926 flaw affects versions 9.0.0 of Zimbra Collaboration, which is used to host webmail portals with public access.

Read full article on Heimdal Security Blog

Date:

31 March 2023

Categorie(s):

NEWS

Tag(s):

APT, NATO, Russian, Winter, Zimbra

Tracing the Steps of Cyber Intruders: The Path of Lateral Movement23 April 2024
GitHub Comments Abused to Spread Malware in Fake Microsoft Repositories23 April 2024
PoC Exploit Released For Critical Oracle VirtualBox Vulnerability23 April 2024
New Torq HyperSOC leverages AI for threat investigation and remediation23 April 2024
Mandiant: Orgs are detecting cybercriminals faster than ever23 April 2024