Latest News Articles
--- TLP:WHITE ---
News
− Russian state hackers lure Western diplomats with BMW car ads
The Russian state-sponsored hacking group 'APT29' (aka Nobelium, Cloaked Ursa) has been using unconventional lures like car listings to entice diplomats in Ukraine to click on malicious links that deliver malware.
https://unit42.paloaltonetworks.com/cloaked-ursa-phishing/− Apple patches vulns used to infect Russian iPhones with TriangleDB malware
Apple patched three zero-day vulnerabilities this week, two of which were used to infect Russian iPhones with TriangleDB malware as part of Operation Triangulation.
https://www.intego.com/mac-security-blog/apple-patches-vulns-used-to-infect-russian-iphones-with-triangledb-malware/− CISA orders govt agencies to mitigate Windows and Office zero-days
CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based RomCom cybercriminal group in NATO phishing attacks.
https://www.bleepingcomputer.com/news/security/cisa-orders-govt-agencies-to-mitigate-windows-and-office-zero-days/Vulnerabilities
− Fortinet has released a security update to address a critical vulnerability
Fortinet has released a security update to address a critical vulnerability (CVE-2023-33308) affecting FortiOS and FortiProxy. This vulnerability allows a remote attacker to execute arbitrary code or commands via crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.
https://www.ncsc.gov.ie/pdfs/Fortinet_critical_vulnerability_CVE-2023-33308.pdf− Critical Vulnerability in customer-managed ShareFile storage zones
Citrix have released a software update that addresses the vulnerability CVE-2023-24489 CVE-2023-24489 is a critical vulnerability in customer-managed ShareFile storage zones controllers which, if exploited, could allow unauthenticated arbitrary file upload and full remote code execution.
https://www.ncsc.gov.ie/pdfs/Citrix_ShareFile_vulnerability_CVE_2023_24489.pdfCommunity News
− Ukraine A Living Lab for AI Warfare
Ukraine is a laboratory in which the next form of warfare is being created. It is increasingly and structurally used in the conflict to analyze vast amounts of data to produce battlefield intelligence regarding the strategy and tactics of parties to the conflict.
https://www.nationaldefensemagazine.org/articles/2023/3/24/ukraine-a-living-lab-for-ai-warfare--- TLP:WHITE ---