Russia-linked APT SVR actively targets these 5 flaws

The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have published a joint advisory that warns that Russia-linked APT group SVR (aka APT29, Cozy Bear, … Continue reading Russia-linked APT SVR actively targets these 5 flaws

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawling SolarWinds supply chain hack. An analysis of the malicious file … Continue reading Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more. The Feds are warning that nation-state actors are once again after U.S. assets, this time in a spate of cyberattacks that exploit five vulnerabilities that affect VPN solutions, collaboration-suite software and … Continue reading NSA: 5 Security Bugs Under Active Nation-State Cyberattack

Bolstering Our Nations Defenses Against Cybersecurity Attacks

Shawn Henry, former Executive Assistant Director of the FBI and current CrowdStrike president of services and CSO, shares the top three cybersecurity priorities that the Biden administration needs to address. For the cybersecurity community at large, 2020 was one of the most active years in recent memory. The COVID-19 pandemic provided the perfect nesting ground … Continue reading Bolstering Our Nations Defenses Against Cybersecurity Attacks

US Formally Attributes SolarWinds Attack to Russian Intelligence Agency

Treasury Department slaps sanctions on IT security firms that it says supported Russia's Foreign Intelligence Service carry out the attacks. The Biden administration Thursday officially blamed Russia's Foreign Intelligence Service, SVR, for the cyberattack on SolarWinds and announced sanctions against a handful of IT security firms for helping enable that attack and other malicious cyber … Continue reading US Formally Attributes SolarWinds Attack to Russian Intelligence Agency