Tag: CTI

Vulnerabilities & Alerts

UAC-0001 (APT28) Actively Exploits CVE-2026-21509 via Microsoft Office to Target Ukraine and EU Countries

by marcfred • February 3, 2026

Executive Summary In late January 2026, CERT-UA issued a critical alert regarding the active exploitation of CVE-2026-21509, a vulnerability affecting Microsoft Office. The vulnerability is being leveraged by the threat actor UAC-0001, attributed to the Russian state-sponsored group APT28 (Fancy Bear). Observed attacks primarily target Ukrainian governmental institutions, but multiple European Union organizations have also…

From Diplomatic Tension to Critical Incident

by marcfred • November 24, 2025

Analyzing the Cycle of Cyber Retaliation Executive Summary The correlation between geopolitical tensions and cyber threat intensity is well-established, yet its temporal and sequential mechanics follow a precise model that defense teams must master. Analysis of recent conflicts reveals a standardized threat lifecycle: For CERTs and CSIRTs: Monitoring geopolitical indicators must now trigger specific vigilance…

UAC-0001 (APT28) Actively Exploits CVE-2026-21509 via Microsoft Office to Target Ukraine and EU Countries

Fortinet Releases Patches Following Active Exploitation of CVE-2026-24858

January 2026 Patch Tuesday

UAC-0190 Targeted Attacks Against Ukraine’s Defense Forces Using the PLUGGYAPE Malware

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28