“Allegedly” the mantra of Russian cybercriminals is “never let a good zero-day go to waste, comrade”. Ouch.
The past few months have accelerated the struggle between cybercriminals and those that defend against them. It seems that once again we are back on the defensive—as fast as law enforcement can arrest the bad guys, more and increasingly vicious cyber-attacks are unleashed. It’s been ugly, heartbreaking, and in some cases demoralizing.
Even though Microsoft has released 44 patches for 44 vulnerabilities—13 of which were rated “critical”—we have still been hit with a Microsoft Word zero-day exploit. Depending on who you see as your threat, it may or may not be helpful to know this exploit was equally popular for cybercriminals dropping ransomware, banking Trojans and targeting Ukrainian rebels with malware.
Apparently—and I should use the word “allegedly” here—the mantra of Russian cybercriminals and Russian Intelligence Service offensive cyber operations is: “never let a good zero-day go to waste, comrade.”