The Pawn Storm APT group, also known as APT28 and Fancy Bear, exploited some zero-days flaw in targeted attacks before they get patched. The zero-day vulnerabilities were Adobes Flash CVE-2016-7855 flaw that was fixed on October 26, and the privilege escalation flaw in Windows OS that was. fixed on November 8, 2016. The threat actors powered spear phishing attacks between October 28 and early November. The attacks targeted governments and embassies around the world.”]
Source: http://securityaffairs.co/wordpress/53360/cyber-crime/pawn-storm-apt-0days.html