Attackers from a group centered in Russia utilized a method to infiltrate networks. This involves sending specialized emails to the Outlook client that would allow for them to authenticate with NTLM on other systems and elevate their permissions throughout the network. The exploit has been used to attack over a dozen organizations of various kinds before its discover and patching.
