Top 12 Security Flaws Russian Spy Hackers Are Exploiting in the Wild

Cyber operatives affiliated with the Russian Foreign Intelligence Service have switched up their tactics in response to previous public disclosures of their attack methods, according to a new advisory jointly published by intelligence agencies from the U.K. and U.S. Friday.
"SVR cyber operators appear to have reacted by changing their TTPs in an attempt to avoid further detection and remediation efforts by network defenders," the National Cyber Security Centre said.
"The SVR targets organisations that align with Russian foreign intelligence interests, including governmental, think-tank, policy and energy targets, as well as more time bound targeting, for example COVID-19 vaccine targeting in 2020," the NCSC said.
This was followed by separate guidance on April 26 that shed more light on the techniques used by the group to orchestrate intrusions, including password spraying, exploiting zero-day flaws against virtual private network appliances to obtain network access, and deploying a Golang malware called WELLMESS to plunder intellectual property from multiple organizations involved in COVID-19 vaccine development.
Now, according to the NCSC, seven more vulnerabilities have been added to the mix, with the agency noting that APT29 is likely to "rapidly" weaponize recently released public vulnerabilities that could enable initial access to their targets.
"Network defenders should ensure that security patches are applied promptly following CVE announcements for products they manage," the agency said.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/-JfcmQiD8Ak/top-11-security-flaws-russian-spy.html