This time, hackers of the APT28 group ran a highly targeted attack, leveraging two zero-day vulnerabilities against an international government entity. The group exploited vulnerabilities in Adobe Flash (CVE-2015-3043) and the Windows operating system (CVE-2015-1701).
APT28 is the same Russian hacker group that has run cyber espionage campaigns against U.S. defense contractors, European security organizations and Eastern European government entities. FireEye researchers collected evidence that the APT28 group is linked to the Russian Government.
Investigators at several security firms believe that APT28 was responsible for a serious breach of U.S. State Department computers in November 2014, and the experts speculate that the team also compromised an unclassified network at the White House, accessing sensitive information, including President Obama's agenda.
FireEye wrote that the vulnerability in Adobe Flash was patched by the Adobe team on Tuesday, so users can update Flash to the latest version to prevent further damage. For the Windows zero-day vulnerability, there is currently no patch available, but the FireEye team is working with the Microsoft Security Team on CVE-2015-1701.
For more detailed information about the FireEye research on this, you can download the research paper (PDF file).