US Cyber Command warns users about hackers exploiting a Outlook vulnerability

The US Cyber Command has issued a warning on Twitter about hackers exploiting a vulnerability in Outlook. The warning was issued by the Cyber Command earlier today which talks about a vulnerability identified back in 2017.

The vulnerability CVE-2017-11774 was identified back in 2017 by SensePost researchers and was patched by Microsoft in October of 2017. However, an Iranian state-sponsored hacking group known as APT33 managed to weaponize the vulnerability in 2018. In case you don’t remember, the vulnerability allowed a bad code or malware to escape Outlook sandbox and infect the Operating System. Back in December of 2018, APT33 installed backdoors in web servers to exploit the vulnerability.

ZDNet reports that Chronicle Security researcher Brandon Levene discovered that the malware samples uploaded by the US Cyber Command match with the Shamoon activity which took place in January of 2017. Even Symantec has published a warning informing the public to be careful about the increased APT33 activity.

Some links in the article may not be viewable as you are using an AdBlocker. Please add us to your whitelist to enable the website to function properly.