Updates on Diavol and RagnarLocker. NETGEAR patches. Dealing with PrintNightmare. Russia


Attacks, Threats, and Vulnerabilities

Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign by Russian Intelligence (Federal Bureau of Investigation) The FBI and its partners released a cybersecurity advisory exposing malicious cyber activities by Russian military intelligence against U.S. and global organizations.

Cyberhack dispute: Russian diplomats say Moscow not behind attacks on US targets, but is itself constantly bombarded by Americans (RT International) One day after the US accused Moscow of being behind cyberattacks on both government bodies and private business, the Russian Embassy in Washington has pointed the finger at the Americans, accusing them of hacking Russian targets.

Russia Points Finger Back at U.S. Over Latest Cyberattack Accusations (The Moscow Times) U.S. cybersecurity agencies blamed Kremlin-backed hackers for a series of attacks on Western private and government entities.

Russia strongly rejects involvement in cyberattacks on US claimed by NSA (Business Standard) The Russian Embassy has strongly rejected the alleged involvement of the Russian authorities in a series of cyberattacks on government and private facilities in the United States and other countries

NSA discloses hacking methods it says are used by Russia (AP NEWS) WASHINGTON (AP) — U.S. and British agencies disclosed on Thursday details of “brute force” methods they say have been used by Russian intelligence to try to break into the cloud services of hundreds of government agencies, energy companies and other organizations.

US, UK accuse Russian military hackers of battering-ram password attacks against hundreds of targets (CyberScoop) For two years, Russian military hackers have been bombarding hundreds of targets worldwide with passwords to gain access to their networks, making use of a popular open-source tool for managing application workloads, U.S. and U.K. agencies warned in an advisory Thursday. The Russian agency deploys a Kubernetes cluster — a set of worker machines — to conduct their brute force “password spray” attacks …

The United States and the United Kingdom have blamed cyber-attacks on cloud infrastructure (Mediarun Search) The U.S. and UK security agencies have repeatedly blamed Russia for attacks on key parts of its infrastructure. This Thursday (1), the FBI and NSI

Russian Hackers Are Trying to Brute-Force Hundreds of Networks (Wired) While SolarWinds rightly drew attention earlier this year, Moscow’s Fancy Bear group has been on a password-guessing spree this whole time.

NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers (The Hacker News) FBI and the NSA enlighten on the techniques used by Russian hackers to hack into U.S. systems.

Russia’s APT28 Blamed for Brute Force Campaign Using Kubernetes (Infosecurity Magazine) The US and UK authorities have issued a new warning of state-sponsored Russian threat activity, focused on stealing information from global targets.

US, UK agencies warn Russian hackers using ‘brute force’ to target hundreds of groups (TheHill) A group of top agencies in the United States and United Kingdom on Thursday warned of an ongoing campaign by Russian government-backed hackers using “brute force” hacking techniques to target hundreds of organizatio

US-UK Warn Of New Worldwide Russian Cyberespionage (Breaking Defense) “This is a good reminder that the GRU remains a looming threat, which is especially important given the upcoming Olympics, an event they may well attempt to disrupt,” observed John Hultquist, VP of Analysis at Mandiant Threat Intelligence.

FBI, NSA: Russian military cyber-unit behind large-scale brute-force attacks (The Record by Recorded Future) US and UK cybersecurity agencies said today that a Russian military cyber unit has been behind a series of brute-force attacks that have targeted the cloud IT resources of government and private sector companies across the world.

NSA & CISA Issue Warning About Russian GRU Brute-Force Cyberattacks Against US, Global Orgs (Dark Reading) The National Security Agency (NSA) and the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) today issued a rare alert together that warns of widespread brute-force attacks on US and global organizations by Russia’s GRU military intelligence agency that initially began in mid-2019.

Good guy Russia gives enterprises, cloud platforms a free brute-force security test using Kubernetes clusters (Register) Thanks, Vlad, for the cyber-check-up and the containerization case study

Mongolian certificate authority hacked eight times, compromised with malware (The Record by Recorded Future) Hackers have breached a server belonging to MonPass, one of Mongolia’s largest certificate authorities (CA), and have backdoored the company’s official client with a Cobalt Strike-based backdoor.

Chinese Hackers Attacked Afghan Council Network, Cybersecurity Firm Says (Voice of America) As part of a cyberespionage operation targeting Central Asian countries, Chinese hackers recently sought to breach the computer networks of Afghanistan’s National Security Council, researchers at cybersecurity firm Check Point reported.

Ongoing Spearphishing Campaign Targets Afghan Gov’t (Threatpost) The IndigoZebra APT is targeting the Afghan government using Dropbox as an API that leaves no traces of communications with weirdo websites.

Researchers uncover effort by Chinese-speaking hackers to target Afghan government (TheHill) Chinese-speaking hackers recently targeted the top tiers of the Afghan government, along with the governments of other nearby nations, research published Thursday found.

Iranian cyber-threat groups make up for lack of technical sophistication with social engineering trickery (The Daily Swig) We take a look at the underestimated threat posed by Iran’s state-sponsored hacking groups

Solar Winds Hackers Continue To Cause Grief (Cyber Security Hub) If bad actors socially engineered all the support teams around the world, they could get a lot more people clicking on emails and mobile phones authorized which they could use to gain access to infrastructure.

SolarWinds cyber attack sees significant financial impact on annual revenue (IT Brief) “Organisations are clearly struggling to keep up with the volume and impact of cyber attacks coming from well-funded and well-organised nation states.

Trickbot cybercrime group linked to new Diavol ransomware (BleepingComputer) FortiGuard Labs security researchers have linked a new ransomware strain dubbed Diavol to Wizard Spider, the cybercrime group behind the Trickbot botnet.

Critical, Exploitable Flaws in NETGEAR Router Firmware (SecurityWeek) Microsoft researchers find multiple gaping security holes in firmware shipped on NETGEAR routers, warning that exploitation could lead to identity theft and full system compromise.

Threat Thursdays: Ragnar Locker – New Variants Pose Threat to Sacred Timeline (BlackBerry) Ragnar Locker ransomware has made…

