Storm-0978 Attacks | Microsoft Office Vulnerability | CVE-2023-36884 Lansweeper Guide
Microsoft has confirmed that the vulnerability (CVE-2023-36884) has been exploited in cyberattacks against government entities in North America and Europe by the Russian cybercriminals group Storm-0978. Use Lansweeper to find all vulnerable Office installations in your network: https://www.lansweeper.com/lp/protect-against-storm-0978-attacks/
CISA has ordered federal agencies to mitigate the REC zero-day vulnerabilities affecting Windows and Office before the 8th of August. This gives you just 3 weeks to implement the mitigations. The vulnerabilities have been exploited in phishing attacks against NATO.
The attacks were carried out by the Russian Storm-0978 cybercriminal group. They are also referred to as RomCom, the name of their backdoor, and specialize in sophisticated phishing campaigns. They are mostly known for carrying out opportunistic ransomware and extortion-only operations, as well as targeted credential-gathering campaigns.
CVE-2023-36884
The exploited remote code execution vulnerabilities have been collectively tracked as CVE-2023-36884. Microsoft has confirmed that these vulnerabilities have been exploited in cyberattacks against government entities in North America and Europe. The attackers used malicious Office documents impersonating the Ukrainian World Congress organization to target participants of the NATO Summit in Vilnius.
Mitigation and Patching
At this moment, the flaw hasn’t been patched yet, but Microsoft will be delivering patches either through their monthly releases or out-of-band security updates. Until then, they have released a number of mitigation measures that federal agencies have now been ordered to implement before the 8th of August.
If you are using Microsoft 365 Apps versions 2302 or higher, you are safe from attachments that try to exploit the vulnerability. Otherwise, you can set the FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION registry key to avoid exploitation. For more detailed mitigation measures, please refer to Microsoft’s security blog.
Our technical team has created a new Lansweeper report to help you locate all installs of Microsoft Office in your network.
Run the Microsoft Office Version Audit Report Now ► https://www.lansweeper.com/lp/protect-against-storm-0978-attacks/
Lansweeper enables you to manages your entire IT network, saving an incredible amount of time by automating key tasks. It features best in class fully automatic asset scanning and network inventory software, to keep you on top of your IT-environment.
Recommended by sysadmins all over the world, download your Lansweeper free trial today and start managing your IT assets the right way.
Useful Links
Website ► https://www.lansweeper.com/
Knowledgebase ► https://www.lansweeper.com/kb/
Forum ► https://www.lansweeper.com/forum/
Blog ► https://www.lansweeper.com/blog/
Let’s Connect
Facebook ► https://www.facebook.com/lansweeper.network.inventory
Twitter ► https://twitter.com/lansweeper
Linkedin ► https://www.linkedin.com/company/lansweeper-bvba/
Contact ► Sales@lansweeper.com
Видео Storm-0978 Attacks | Microsoft Office Vulnerability | CVE-2023-36884 Lansweeper Guide канала Lansweeper
CISA has ordered federal agencies to mitigate the REC zero-day vulnerabilities affecting Windows and Office before the 8th of August. This gives you just 3 weeks to implement the mitigations. The vulnerabilities have been exploited in phishing attacks against NATO.
The attacks were carried out by the Russian Storm-0978 cybercriminal group. They are also referred to as RomCom, the name of their backdoor, and specialize in sophisticated phishing campaigns. They are mostly known for carrying out opportunistic ransomware and extortion-only operations, as well as targeted credential-gathering campaigns.
CVE-2023-36884
The exploited remote code execution vulnerabilities have been collectively tracked as CVE-2023-36884. Microsoft has confirmed that these vulnerabilities have been exploited in cyberattacks against government entities in North America and Europe. The attackers used malicious Office documents impersonating the Ukrainian World Congress organization to target participants of the NATO Summit in Vilnius.
Mitigation and Patching
At this moment, the flaw hasn’t been patched yet, but Microsoft will be delivering patches either through their monthly releases or out-of-band security updates. Until then, they have released a number of mitigation measures that federal agencies have now been ordered to implement before the 8th of August.
If you are using Microsoft 365 Apps versions 2302 or higher, you are safe from attachments that try to exploit the vulnerability. Otherwise, you can set the FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION registry key to avoid exploitation. For more detailed mitigation measures, please refer to Microsoft’s security blog.
Our technical team has created a new Lansweeper report to help you locate all installs of Microsoft Office in your network.
Run the Microsoft Office Version Audit Report Now ► https://www.lansweeper.com/lp/protect-against-storm-0978-attacks/
Lansweeper enables you to manages your entire IT network, saving an incredible amount of time by automating key tasks. It features best in class fully automatic asset scanning and network inventory software, to keep you on top of your IT-environment.
Recommended by sysadmins all over the world, download your Lansweeper free trial today and start managing your IT assets the right way.
Useful Links
Website ► https://www.lansweeper.com/
Knowledgebase ► https://www.lansweeper.com/kb/
Forum ► https://www.lansweeper.com/forum/
Blog ► https://www.lansweeper.com/blog/
Let’s Connect
Facebook ► https://www.facebook.com/lansweeper.network.inventory
Twitter ► https://twitter.com/lansweeper
Linkedin ► https://www.linkedin.com/company/lansweeper-bvba/
Contact ► Sales@lansweeper.com
Видео Storm-0978 Attacks | Microsoft Office Vulnerability | CVE-2023-36884 Lansweeper Guide канала Lansweeper
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
OT Scanning and Asset Management with Lansweeper - Quick Demo
Lansweeper API - How to create an Identity Code for Integrations
Diagrams for Network Topology and Virtual Environments in Lansweeper Cloud
Lansweeper Testimonial | Brothers of Charity
Lansweeper training tutorial #9 - Risk Assessment – Vulnerabilities
Lansweeper training tutorial # 13 - Software Normalization
Intel Meltdown CPU Flaw Vulnerability exploit
Should You Migrate to OpenJDK after Oracle JDK Price Change?
Lansweeper training tutorial #5 - Introduction to Discovery
ITAM 2.0 - A Universal IT Asset Data Inventory as the Foundation for Efficient IT Management
How to get a list of vCenter, VMware and Citrix Virtual machines
Veeam End of Life (EOL) - February 2023
Lansweeper Pro Tip #39 - Passive Network Scanning
Microsoft Exchange Server End Of Life
HP Support Assistant Vulnerability - CVE-2022-38395
Security Insights in Lansweeper Cloud
Microsoft Endpoint Configuration Manager (SCCM) End of Life
Lansweeper training tutorial #7- Agentless Deep Scan Discovery
Lansweeper training tutorial #6 - Credential Free Device Recognition
NVIDIA GPU Display Driver Vulnerabilities | CVE-2022-31610 | CVE-2022-31617 | CVE-2022-31606
Lansweeper Pro Tip #54 - Schedule LsAgent to Run at User Logon