Windows vulnerability reported by the NSA exploited to install Russian malware
Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed
This analysis of #APT28 aka #ForestBlizzard methodology is being reported all over as though it were special. And while it may be "unique" to the group, it's just...not that special.
Everything I see here should be detected by modern standard defenses. This attack chain doesn't even read like an APT to me; it reads like a cybercrime group.