Russian Cybersecurity Threats
SUMMARY
The Federal Bureau of Investigation (FBI) and US Department of Homeland Security (DHS) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—will continue to seek intelligence from US and…
The Russian Foreign Intelligence Service (SVR) continues to exploit five publicly known cyber vulnerabilities, the National Security Agency, Cybersecurity and Infrastructure Security Agency and FBI said in a joint advisory.
Executive Summary
Russian Foreign Intelligence Service (SVR) actors (also known as APT29, Cozy Bear, and The Dukes) frequently use publicly known vulnerabilities to conduct widespread scanning and exploitation against vulnerable systems in an effort to obtain authentication credentials to allow…
H-ISAC TLP Green Daily Cyber Headlines for April 16, 2021.
H-ISAC TLP Green Daily Cyber Headlines for February 24, 2021.
The French Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI), is stating that a group of Russian military hackers, known as the Sandworm group, have been behind a three-years-long operation during which they breached the internal networks of several French entities running the…
Russian state-sponsored malicious cyber actors are exploiting a vulnerability in VMware® Access and VMware Identity Manager products, allowing the actors access to protected data and abusing federated authentication. VMware released a patch for the Command Injection Vulnerability captured in CVE-…
The Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS), military unit 26165, is deploying previously undisclosed malware for Linux® systems, called Drovorub, as part of its cyber espionage operations. GTsSS malicious cyber activity has previously been…
The Department of Homeland Security will offer several opportunities this month to participate in an awareness briefing on Russian cyber activity against critical infrastructure.