Security News > 2021

The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies. The press release from the White House confirms past media reports citing unofficial sources that the Russian Foreign Intelligence Service, the SVR, was behind the SolarWinds hack.

Reddit this week announced the launch of a public bug bounty program on the vulnerability hunting platform HackerOne. Following a three-year private bug bounty program on HackerOne, which has resulted in over $140,000 being awarded in bug bounties for 300 vulnerability reports focusing on reddit.com, the program is going public with an expanded scope.

Phishing campaigns typically try to arouse interest among potential victims through two strategies. Wells Fargo made the No. 6 spot, used in 4% of all phishing attacks analyzed in the first quarter of 2021.

The U.S. government on Thursday warned that Russian APT operators are exploiting five known - and already patched - vulnerabilities in corporate VPN infrastructure products, insisting it is "Critically important" to mitigate these issues immediately. According to the NSA, the five vulnerabilities should be prioritized for patching alongside the newest batch of Exchange Server updates released by Microsoft earlier this week.

A joint advisory from the U.S. National Security Agency, the Cybersecurity and Infrastructure Security Agency, and the Federal Bureau of Investigation warn that the Russian Foreign Intelligence Service is exploiting five vulnerabilities in attacks against U.S. organizations and interests. In an advisory issued today, the NSA said that it is aware of the Russian SVR using these vulnerabilities against public-facing services to obtain authentication credentials to further compromise the networks of US corporate and government networks.

The Biden administration on Thursday announced the U.S. is expelling 10 Russian diplomats and imposing sanctions against dozens of companies and people, holding the Kremlin accountable for interference in last year's presidential election and the cyber hacking of federal agencies. U.S. intelligence officials alleged in a declassified report last month that Russian President Vladimir Putin authorized influence operations to help Donald Trump in his unsuccessful bid for reelection as president, though there's no evidence Russia or anyone else changed votes or manipulated the outcome.

Cryptojacking can be added to the list of threats that face any unpatched Exchange servers that remain vulnerable to the now-infamous ProxyLogon exploit, new research has found. Researchers discovered the threat actors using Exchange servers compromised using the highly publicized exploit chain-which suffered a barrage of attacks from advanced persistent threat groups to infect systems with everything from ransomware to webshells-to host Monero cryptomining malware, according to a report posted online this week by SophosLabs.

A researcher has made public an exploit and details for an unpatched vulnerability affecting Chrome, Edge and other web browsers that are based on the open source Chromium project. The second exploit was publicly disclosed by a researcher who uses the online moniker Frust and who works for Chinese cybersecurity company Qihoo 360.

The office of the Director of National Intelligence released its "Annual Threat Assessment of the U.S. Intelligence Community." Cybersecurity is covered on pages 20-21. Cyber threats from nation states and their surrogates will remain acute.

The Biden administration is preparing to announce sanctions in response to a massive Russian hacking campaign that breached vital federal agencies, as well as for election interference, a senior administration official said. U.S. officials last month alleged that Russian President Vladimir Putin authorized influence operations to help Donald Trump in his unsuccessful bid for reelection as president, though there's no evidence Russia or anyone else changed votes or manipulated the outcome.