Storm-0978 actively exploited the Office zero-day
Storm-0978 actively exploited the Office zero-day
Threat Level
Actor Report
For a detailed threat advisory, download the pdf file here
Summary
Storm-0978 is a Russian cybercriminal group that specializes in executing sophisticated phishing campaigns. Storm-0978 was found to be engaged in a new wave of attacks, leveraging the Zero-day flaw (CVE-2023-36884) to distribute the RomCom backdoor.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.