A persistent cyber gang is using unpatched software to target high-profile officials in the US and Europe. Stay vigilant and keep your systems up-to-date to protect against these evolving threats. #cybersecurity #APT #phishing
A pro-Russian cyber spy gang known as Winter Vivern has been targeting elected officials and their staff in the US, as well as European lawmakers, using unpatched Zimbra Collaboration software. The group, also known as TA473 and UAC-0114, has been active since December 2020, and previously targeted government agencies in Azerbaijan, Cyprus, India, Italy, Lithuania, Ukraine, and the Vatican. In recent campaigns, the gang has focused on Ukraine, Poland, Italy, and India, and has used phishing campaigns to trick targets into downloading malware-laden documents. The group’s persistent approach to vulnerability scanning and exploitation has been a key factor in its success.