
Press Release

Russian SVR was behind the SolarWinds attack, according to the US authorities.


The networks of numerous U.S. agencies and commercial computer organisations were breached by hackers through the SolarWinds supply-chain attack, which the U.S. government has officially blamed on Russia.

In a statement announcing sanctions against Russia for actions against U.S. interests, the White House names the Cozy Bear group of skilled hackers as the perpetrators of the cyber espionage operation that used the SolarWinds Orion platform.

Clearly stated attribution
The White House press release confirms earlier media reports, citing unofficial sources, that the SolarWinds attack was carried out by the Russian Foreign Intelligence Service, or SVR.

At the beginning of January, the Cyber Unified Coordination Group (UCG) attributed the attack to an unnamed Russian-backed cyber group.

Today, the SVR is officially held responsible by the White House for running “the broad-scope cyber espionage campaign” through its hacking unit, also known as APT29, The Dukes, or Cozy Bear.

According to the White House brief, “the U.S. Intelligence Community has high confidence in its judgement of attribution to the SVR.”

The SVR gained access to more than 16,000 machines worldwide by hacking into the software company’s supply chain. However, the campaign targeted only a small number of them, including state and federal institutions in the United States and businesses in the cybersecurity industry (FireEye, Malwarebytes, Mimecast).

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) of the United States have issued a joint cybersecurity advisory warning about the top five vulnerabilities the SVR is utilising in attacks against American interests.

Organizations should heed the warning and take the appropriate precautions to spot and guard against the SVR’s nefarious behaviour.

Russian businesses are sanctioned
Today, President Biden signed an executive order prohibiting the use of property in connection with damaging actions taken by the Russian Federation’s government.

Under the Executive Order issued today by President Biden, the Treasury Department has imposed sanctions on the following Russian technology firms for assisting the SVR, Russia’s Federal Security Service (FSB), and Russia’s Main Intelligence Directorate (GRU) in carrying out malicious cyber activities against the United States.

ERA Technopolis is a research facility and technology park funded and run by the Russian Ministry of Defense. ERA Technopolis houses and supports the Main Intelligence Directorate of Russia (GRU), and also makes use of the personnel and knowledge of the Russian technology industry to develop military and dual-use technologies.

Pasit is a business with its headquarters in Russia that carried out research and development in support of the hostile cyber operations of the Russian Foreign Intelligence Service (SVR).

SVA is a Russian state-owned research facility with a focus on cutting-edge information security solutions. SVA carried out research and development in support of the SVR’s malicious cyber operations.

Neobit is an IT security company with offices in Saint Petersburg, Russia, whose clientele includes the Russian Ministry of Defense, the SVR, and the Federal Security Service of Russia (FSB). Neobit provided research and development in support of the FSB, GRU, and SVR’s cyber activities. Neobit was also designated today for providing material support to the GRU in violation of E.O. 13694, as modified by E.O. 13757, E.O. 13382, and the Countering America’s Adversaries Through Sanctions Act (CAATSA).

AST is an IT security company whose clients include the Russian Ministry of Defense, the SVR, and the FSB. The FSB, GRU, and SVR’s cyber operations received technical assistance from AST. In accordance with E.O. 13694, E.O. 13382, and CAATSA, AST was also designated today for providing support to the FSB.

Positive Technologies is a Russian IT security company that works with clients in the Russian Government, such as the FSB. In addition to offering computer network security solutions to Russian businesses, foreign governments, and worldwide corporations, Positive Technologies holds sizable conventions that are utilised as FSB and GRU recruiting opportunities. In accordance with E.O. 13694, E.O. 13382, and CAATSA, Positive Technologies was also designated today for providing support to the FSB.

Without first requesting and receiving a licence from the Office of Foreign Assets Control (OFAC), US firms and financial institutions are no longer permitted to conduct business with the aforementioned companies.

Press Release

Microsoft is in talks to buy speech technology company Nuance Communications for about $16 billion, or $56 a share, a 23% premium to Nuance’s Friday close, according to sources (Bloomberg)


Bloomberg:

According to sources, Microsoft is in advanced talks to acquire Nuance Communications, a provider of speech technology, for about $16 billion, or $56 per share, a 23% premium to Nuance’s Friday close. The proposed price would value Nuance at $56 per share. This week could see the announcement of a deal.


Press Release

Nine widely used WiFi routers had 226 vulnerabilities.


Security researchers examined nine widely used WiFi routers and discovered a total of 226 possible vulnerabilities in them, even when the devices were running the most recent firmware.

Millions of people use the tested routers, which are made by Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys.

The TP-Link Archer AX6000, which has 32 problems, and the Synology RT-2600ac, which has 30 security flaws, are the two devices with the most vulnerabilities.

The examination process
In partnership with CHIP magazine, researchers at IoT Inspector conducted security tests with a focus on models primarily used by small businesses and residential users.

According to Florian Lukavsky, CTO & Founder at IoT Inspector, “vendors provided them with current models, which were upgraded to the newest firmware version, for Chip’s router review.”

“IoT Inspector automatically examined the firmware versions and searched for more than 5,000 CVEs and other security flaws.”

Although not all defects posed the same risk, the researchers discovered a few widespread issues that impacted the majority of the evaluated models:

The firmware contains an outdated Linux kernel.
Outdated VPN and multimedia features.
Over-reliance on older versions of BusyBox.
Weak default passwords like “admin” are used.
Hardcoded credentials are present in plain text.

Changing the router’s default password when configuring it for the first time is one of the most crucial steps you can take to secure it, according to Jan Wendenburg, CEO of IoT Inspector.

Whether an IoT device is used at home or in a corporate network, changing the password upon first use and turning on automatic updates must be regular procedure, according to Wendenburg.

In addition to manufacturer-introduced vulnerabilities, using an IoT device according to the motto “plug, play, and forget” poses the greatest risk.

Press Release

Report: hackers scraped data of 500M LinkedIn users and posted it for sale online; LinkedIn confirms the dataset includes publicly viewable info from its site (Katie Canales/Insider)

Katie Canales / Insider:
Report: hackers scraped data of 500M LinkedIn users and posted it for sale online; LinkedIn confirms the dataset includes publicly viewable info from its site. Personal data from 500 million LinkedIn users has been scraped and is reportedly for sale on a hacking forum.
