Attacks leveraging the critical Microsoft Outlook privilege escalation vulnerability, tracked as CVE-2023-23397, have been launched by Russian state-sponsored threat operation APT28 — also known as Forest Blizzard, BlueDelta, Fancy Bear, and TA422 — against the Czech Republic and Germany as part of a long-term cyberespionage campaign, according to The Hacker News.
Czechia's Ministry of Foreign Affairs noted that several critical infrastructure entities and political and state institutions across the country were disrupted by such intrusions, while Germany's Federal Government reported that APT28's attacks targeted not only its Social Democratic Party but also organizations in the IT services, logistics, and air and space sectors, resulting in widespread email account compromise.
APT28's attacks have already been denounced by NATO, the European Union, the U.S. and the UK.
This development comes after a botnet of numerous small office/home office routers across the U.S. and Germany, used by APT28, was dismantled in an international law enforcement operation.