If you've been wondering how Russian cyberattackers could compromise the White House and other high-profile political targets, the security researchers at FireEye have an answer. They've determined that APT28, a politically-motivated Russian hacking group, used unpatched exploits in Flash Player and Windows in a series of assaults against a "specific foreign government organization" on April 13th. Patches for both flaws are either ready or on the way, but the vulnerabilities reinforce beliefs that APT28 is very skilled -- less experienced groups would use off-the-shelf code.