Fancy Bear, the Kremlin’s cyber-spy crew, has been exploiting two previously patched bugs for large-scale phishing campaigns against high-value targets – like government, defense, and aerospace agencies in the US and Europe – since March, according to Microsoft.  The US and UK governments have linked this state-sponsored gang to Russia’s military intelligence agency, the GRU. Its latest phishing expeditions look to exploit CVE-2023-23397, a Microsoft Outlook elevation of privilege flaw, and  CVE-2023-38831, a WinRAR remote code execution flaw that allows arbitrary code execution.

Source: The Register