US Cyber Command has issued a warning via Twitter on Tuesday stating vulnerability in Microsoft’s Outlook application which could be exploited by Iranian Hacking Groups APT33 and APT34 to launch cyber attacks on government agencies.
The security alert states that hackers can bypass the regular security protocol to execute arbitrary commands on Windows OS running computers.
California based Cybersecurity firm FireEye is attributing the latest MS Outlook cyber threat to Shamoon malware which was developed to be launched on Power sectors around the world by the same Iranian hacking group.
Going by the details, MS Outlook Vulnerability referred to as CVE-2017-11774 was discovered first in 2017 for which the patch was issued by the American technological giant in October of the same year. But those who haven’t updated their systems with the patch could anytime fall prey to hackers who could either use the vulnerability to spread malware or cause other disturbances.
As the relationship between Iran and America have soured in recent times, the US Department of Homeland Security’s Cybersecurity wing has warned that Iran could use its espionage-related tactics via outlook vulnerabilities to infiltrate into the federal networks of various government agencies. There is a high probability that the intelligence wing of Iran could also launch “wiper” attacks on federal networks via certain malware.
Note- A malware attack in 2012 against Oil business giant Saudi Armco stands as a perfect proof for such attacks launched by hacking groups backed by the funding of state intelligence.