All news with #fancy bear tag

🔒 CERT-UA reports that Russian-linked group Fancy Bear leveraged CVE-2026-21509 in Microsoft Office to target Ukrainian and EU organizations. Malicious Word documents downloaded a disguised LNK file over WebDAV, which deployed a DLL and an image containing shellcode. The campaign used COM hijacking and a scheduled task to restart explorer.exe and load a malicious EhStoreShell.dll, ultimately launching the Covenant C2 framework. Microsoft has published updates and service-side mitigations; affected customers should apply patches and the recommended registry changes.

🛡️The Greens say recent findings of Russian influence operations during the federal election confirm that existing protections for parliamentary democracy are inadequate. Although Germany implemented the NIS-2 law on December 6, 2024, it covers the federal administration and Bundestag administration but not the Bundestag as an institution or MPs' constituency offices. The federal government attributes an August 2024 cyberattack on air traffic control to the GRU-linked group Fancy Bear and says the campaign "Storm 1516" targeted the election with disinformation; the Russian ambassador was summoned.