APT29 – Page 3 – WindowsTechs.com

Ex-US ambassador, anti-corruption activists in Ukraine were targets of suspected Russian phishing

Posted on June 1, 2021 by Sean Lyngaas

An ex-U.S. ambassador to Russia, anti-corruption activists in Ukraine and election observers in other parts of Eastern Europe were among the apparent targets of a suspected Russian state-sponsored hacking effort, according to data linked to the spying operation that a researcher shared with CyberScoop. The list offers classic examples of organizations that Russian spies might want to infiltrate, including those working to expose graft, combat disinformation and promote secure elections. It also points to the persistent threats that small nonprofits face from well-resourced hackers, as well as the long-running alleged Russian efforts to undermine democratic institutions. Microsoft on May 27 said hackers had used a breached account belonging to the U.S. Agency for International Development, a U.S. government agency, to send phishing emails to some 3,000 email accounts at 150 organizations in 24 countries (U.S. officials estimated an even broader set of targets: 7,000 accounts and 350 organizations.) Microsoft blamed […]

The post Ex-US ambassador, anti-corruption activists in Ukraine were targets of suspected Russian phishing appeared first on CyberScoop.

Continue reading Ex-US ambassador, anti-corruption activists in Ukraine were targets of suspected Russian phishing→

U.S. Takes Aim at Russia’s Cyber Ops Ecosystem

Posted on April 19, 2021 by Christopher Burgess

The Biden administration is taking the Russian cyber operations ecosystem to task with sanctions pointed at both established Russian companies as well as Russian-controlled entities created by the FSB, GRU and SVR for operational purposes. Coupled wit… Continue reading U.S. Takes Aim at Russia’s Cyber Ops Ecosystem→

U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks

Posted on April 16, 2021 by Richi Jennings

To the surprise of precisely nobody, the NSA, FBI and CISA agreed that last year’s SolarWinds supply-chain attack was orchestrated by the Russian state.
The post U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks appeared first on Security Boulevar… Continue reading U.S. Fingers Putin’s Cozy Bear for SolarWinds Attacks→

U.S. government accuses Russian companies of recruiting spies, hacking for Moscow

Posted on April 15, 2021 by Shannon Vavra

The Biden Administration took a sideswipe at the Russian government’s network of companies it allegedly relies on to conduct intelligence and military hacking Thursday — part of a broader effort to beat back Russian government hacking and information operations targeting Americans, the U.S. private sector and the federal government. In one of the most striking actions the Biden administration took Thursday, the U.S. Treasury Department sanctioned Positive Technologies, a cybersecurity firm headquartered in Moscow. According to the Treasury Department, Positive Technologies may appear to be a regular IT firm, but it actually supports Russian government clients, including the Federal Security Service. The firm also “hosts large-scale conventions that are used as recruiting events for the FSB and GRU,” the Treasury Department said, referring to the Federal Security Service (FSB) and Russia’s Main Intelligence Directorate (GRU). U.S. intelligence documents show that the company has gone even further at times and has […]

The post U.S. government accuses Russian companies of recruiting spies, hacking for Moscow appeared first on CyberScoop.

Continue reading U.S. government accuses Russian companies of recruiting spies, hacking for Moscow→

White House slaps sanctions on Russian cyber activities while blaming SVR for SolarWinds campaign

Posted on April 15, 2021 by Sean Lyngaas

The Biden administration on Thursday imposed sweeping sanctions on Russian intelligence operatives for their alleged interference in the 2020 U.S. election, and on Russian companies for allegedly supporting Moscow’s extensive cyber-espionage operations. The Treasury Department sanctioned 32 organizations and individuals for their alleged influence operations aimed at the U.S. election. The White House said it was part of an effort to “disrupt the coordinated efforts of Russian officials, proxies, and intelligence agencies to delegitimize our electoral process.” As part of the crackdown, Treasury sanctioned six Russian tech firms for allegedly providing support to Russian intelligence services’ hacking operations by developing malicious software or setting up IT infrastructure. U.S. officials also made official what had long been rumored: They believe with “high confidence” that Russia’s foreign intelligence agency, the SVR, carried out the hacking campaign that has exploited software made by contractor SolarWinds and other vendors to infiltrate nine U.S. agencies […]

The post White House slaps sanctions on Russian cyber activities while blaming SVR for SolarWinds campaign appeared first on CyberScoop.

Continue reading White House slaps sanctions on Russian cyber activities while blaming SVR for SolarWinds campaign→

NSA, FBI, DHS expose Russian intelligence hacking tradecraft

Posted on April 15, 2021 by Shannon Vavra

The U.S. government warned the private sector Thursday that Russian government hackers working for Russia’s Foreign Intelligence Service (SVR) are actively exploiting five known vulnerabilities to target U.S. companies and the defense industrial base. The National Security Agency, the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) urged system administrators to patch immediately against the vulnerabilities the hackers, also known at APT29 or Cozy Bear, are exploiting. The SVR hackers are specifically actively exploiting vulnerabilities in Fortinet FortiGate VPN, Synacor Zimbra Collaboration Suite, Pulse Secure Pulse Connect Secure VPN, Citrix Application Delivery Controller and Gateway and VMware Workspace ONE Access to gain initial footholds into networks, the government said in its alert. The hackers have been using these initial footholds to collect victims’ authentication credentials to burrow further into networks. The announcement coincides with the U.S. intelligence community’s formal attribution of the supply chain hack […]

The post NSA, FBI, DHS expose Russian intelligence hacking tradecraft appeared first on CyberScoop.

Continue reading NSA, FBI, DHS expose Russian intelligence hacking tradecraft→

Biden ‘Will Cyberattack Putin’ (Because SolarWinds)

Posted on March 23, 2021 by Richi Jennings

President Joe Biden has authorized “devastating” retaliation against the Russian government for the recent hacking attributed to Russia.
The post Biden ‘Will Cyberattack Putin’ (Because SolarWinds) appeared first on Security Boulevard.
Continue reading Biden ‘Will Cyberattack Putin’ (Because SolarWinds)→

Cyber Security Roundup for February 2021

Posted on February 1, 2021 by SecurityExpert

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, January 2021.
Throughout January further details about the scale and sophistication of SolarWinds suspe… Continue reading Cyber Security Roundup for February 2021→

Hackers Didn’t Only Use SolarWinds to Break In, Says CISA

Posted on January 11, 2021 by Richi Jennings

It wasn’t just the SolarWinds supply-chain hack. There were other ways that the “Russian” hackers broke into countless government agencies and private organizations.
The post Hackers Didn’t Only Use SolarWinds to Break In, Says CISA appeared first on … Continue reading Hackers Didn’t Only Use SolarWinds to Break In, Says CISA→

Hackers Amp Up COVID-19 IP Theft Attacks

Posted on December 28, 2020 by Tara Seals

In-depth report looks at how COVID-19 research has become as a juicy new target for organized cybercrime. Continue reading Hackers Amp Up COVID-19 IP Theft Attacks→