Alyza Sebenius, Bloomberg News SolarWinds Corp. headquarters in Austin, Texas, U.S., on Tuesday, Dec. 22, 2020. A former security adviser at the IT monitoring and network management company SolarWinds Corp. said he warned management of cybersecurity risks and laid out a plan to improve it that was ultimately ignored. Photographer: Bronte Wittpenn/Bloomberg , Bloomberg
(Bloomberg) The U.S. and U.K. released details on Friday about how Russiaâs foreign intelligence service operates in cyberspace, the latest effort to try to disrupt future attacks.
The report contains technical resources about the groupâs tactics, including breaching email in order to find passwords and other information to further infiltrate organizations, in addition to providing software flaws commonly exploited by the hackers. It also offers details about how network administrators can counter the attackersâ tactics.
Additionally, the unclassified, 14-page advisory said the hackers were recently spotted using an open-source, command-and-control framework called Silver after gaining initial access to victim network.
The advisory was issued jointly by the FBI, U.S. National Security Agency (NSA), U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the U.K. National Cyber Security Centre (NCSC).
Previously, the NSCS and Canada’s Communications Security Establishment (CSE) issued a joint report in July 2020 outlining specific tactics, techniques and procedures (TTPs) used by the hacking group.
“SVR cyber operators appear to have reacted to this report by changing their TTPs in an attempt to avoid further detection and remediation efforts by network defenders,” the new advisory says in part.
The latest advisory warns organisations that hackers do not seem to back down.
(Subscribe to our Today s Cache newsletter for a quick snapshot of top 5 tech stories. Click here to subscribe for free.)
Russian hackers are still targeting U.S. and foreign entities to gather intelligence for future cyberattacks, the US security and intelligence agencies warned.
In a Joint Cybersecurity Advisory, the Federal Bureau of Investigation (FBI), Department of Homeland Security, and CISA noted that Russian Foreign Intelligence Service (SVR) cyber actors primarily target government networks, think tanks, policy analysis organizations, and information technology companies.
U.S. agencies and the U.K.’s National Cyber Security Centre blamed SVR for the SolarWinds supply chain attack that allowed hackers to gain access to thousands of organisations around the world along with many government agencies.
minute read
Share this article:
A coalition of 60 global entities (including the DoJ) has proposed a sweeping plan to hunt down and disrupt ransomware gangs by going after their financial operations.
Ransomware has reached crisis levels across business sectors and across the globe, but a public-private Ransomware Task Force aims to stem the tide of attacks by disrupting the crooks’ business model.
Join Threatpost for “Fortifying Your Business Against Ransomware, DDoS & Cryptojacking Attacks” a LIVE roundtable event on Wednesday, May 12 at 2:00 PM EDT for this FREE webinar sponsored by Zoho ManageEngine.
The Institute for Security and Technology (IST) put together the coalition, which includes more than 60 members from software companies, government agencies, cybersecurity vendors, financial services companies, nonprofits and academic institutions. Big names associated with the project include the U.S. Department of Justice, Europol and the U.K.’s National Cy
A group of 60 experts including the RCMP’s National Cyber Crime Coordination Unit has issued a detailed plan for fighting ransomware, calling on the governments around the world to take action.
“Ransomware attacks will only continue to grow in size and severity unless there is a coordinated, comprehensive, public-private response,” the 80-page report says. “It will take nothing less than our total collective effort to mitigate the ransomware scourge.”
It was created by a ransomware task force assembled by the U.S.-based Institute for Security and Technology. Members include experts in the tech industry from Amazon, Palo Alto Networks, Cisco Systems, CrowdStrike, Deloitte, Microsoft and many others, as well as agencies such as the FBI, the U.K.’s National Cyber Security Centre, and Oxford university’s school of government.