Storm-0978 Attacks | Microsoft Office Vulnerability | CVE-2023-36884 Lansweeper Guide
Microsoft has confirmed that the vulnerability (CVE-2023-36884) has been exploited in cyberattacks against government entities in North America and Europe by the Russian cybercriminal group Storm-0978. Use Lansweeper to find all vulnerable Office installations in your network: https://www.lansweeper.com/lp/protect-against-storm-0978-attacks/
CISA has ordered federal agencies to mitigate the RCE zero-day vulnerabilities affecting Windows and Office before the 8th of August. This gives you just 3 weeks to implement the mitigations. The vulnerabilities have been exploited in phishing attacks against NATO.
The attacks were carried out by the Russian Storm-0978 cybercriminal group. They are also referred to as RomCom, the name of their backdoor, and specialize in sophisticated phishing campaigns. They are mostly known for carrying out opportunistic ransomware and extortion-only operations, as well as targeted credential-gathering campaigns.
CVE-2023-36884
The exploited remote code execution vulnerabilities have been collectively tracked as CVE-2023-36884. Microsoft has confirmed that these vulnerabilities have been exploited in cyberattacks against government entities in North America and Europe. The attackers used malicious Office documents impersonating the Ukrainian World Congress organization to target participants of the NATO Summit in Vilnius.
Mitigation and Patching
At this moment, the flaw hasn’t been patched yet, but Microsoft will be delivering patches either through their monthly releases or out-of-band security updates. Until then, they have released a number of mitigation measures that federal agencies have now been ordered to implement before the 8th of August.
If you are using Microsoft 365 Apps versions 2302 or higher, you are safe from attachments that try to exploit the vulnerability. Otherwise, you can set the FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION registry key to avoid exploitation. For more detailed mitigation measures, please refer to Microsoft’s security blog.
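The registry mitigation mentioned above can be audited on each host with a script like the following. This is an added example, not Lansweeper's or Microsoft's code; the full key path and the list of executable names are assumptions based on Microsoft's published guidance and should be confirmed against the Microsoft security blog before use.

```powershell
# Added example: audit (and optionally set) the FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION mitigation.
# Assumption: the key path and executable names follow Microsoft's guidance for CVE-2023-36884;
# verify both against the Microsoft security blog before deploying.
[CmdletBinding()]
param(
    [switch]$Apply,   # without -Apply the script only reports and changes nothing
    [string[]]$Executables = @('Excel.exe', 'Graph.exe', 'MSAccess.exe', 'MSPub.exe', 'PowerPoint.exe',
                               'Visio.exe', 'WinProj.exe', 'WinWord.exe', 'Wordpad.exe')
)

$keyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION'

function Get-MitigationState {
    param([string]$Path, [string[]]$Names)
    # A missing key yields $null, so every executable is reported as unprotected.
    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    foreach ($name in $Names) {
        $value = if ($props) { $props.$name } else { $null }
        [pscustomobject]@{
            Computer   = $env:COMPUTERNAME
            Executable = $name
            Value      = $value
            Protected  = ($value -eq 1)   # the mitigation requires a DWORD value of 1
        }
    }
}

$state   = Get-MitigationState -Path $keyPath -Names $Executables
$missing = $state | Where-Object { -not $_.Protected }

if ($Apply -and $missing) {
    # Writing under HKLM requires an elevated session.
    if (-not (Test-Path $keyPath)) { New-Item -Path $keyPath -Force | Out-Null }
    foreach ($entry in $missing) {
        New-ItemProperty -Path $keyPath -Name $entry.Executable -Value 1 -PropertyType DWord -Force | Out-Null
    }
    $state = Get-MitigationState -Path $keyPath -Names $Executables   # re-read to confirm the write
}

$state | Format-Table -AutoSize
# A non-zero exit code lets a deployment tool flag hosts that are still unprotected.
if ($state | Where-Object { -not $_.Protected }) { exit 1 }
```

Run it without `-Apply` first to get a per-host report, and pilot the change on a small group, since Microsoft notes the setting can affect regular functionality in these applications.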
Our technical team has created a new Lansweeper report to help you locate all installs of Microsoft Office in your network.
Run the Microsoft Office Version Audit Report Now ► https://www.lansweeper.com/lp/protect-against-storm-0978-attacks/
Lansweeper enables you to manage your entire IT network, saving an incredible amount of time by automating key tasks. It features best-in-class, fully automatic asset scanning and network inventory software to keep you on top of your IT environment.
Recommended by sysadmins all over the world, download your Lansweeper free trial today and start managing your IT assets the right way.
Useful Links
Website ► https://www.lansweeper.com/
Knowledgebase ► https://www.lansweeper.com/kb/
Forum ► https://www.lansweeper.com/forum/
Blog ► https://www.lansweeper.com/blog/
Let’s Connect
Facebook ► https://www.facebook.com/lansweeper.network.inventory
Twitter ► https://twitter.com/lansweeper
Linkedin ► https://www.linkedin.com/company/lansweeper-bvba/
Contact ► Sales@lansweeper.com