Security News

FBI/DHS Issue Guidance for Network Defenders to Mitigate Russian Gov Hacking
2021-04-27 19:33

The FBI and DHS have issued a Joint Cybersecurity Advisory on the threat posed by the Russian Foreign Intelligence Service via the cyber actor known as APT 29. The new advisory provides "Information on the SVR's cyber tools, targets, techniques, and capabilities to aid organizations in conducting their own investigations and securing their networks." Notably, the advisory uses the terms SVR and APT 29 interchangeably throughout, indicating that it sees no difference between the cyber actor and the Russian intelligence agency.

When AIs Start Hacking
2021-04-26 11:06

To date, hacking has exclusively been a human activity. Separately, AIs can engage in something called reward hacking.

Signal CEO gives mobile-hacking firm a taste of being hacked
2021-04-21 23:13

Software developed by data extraction company Cellebrite contains vulnerabilities that allow arbitrary code execution on the device, claims Moxie Marlinspike, the creator of the encrypted messaging app Signal. The researcher found that Cellebrite's software had outdated open-source code that had not been updated in almost a decade, despite security updates being available.

Facebook Shuts Down Two Hacking Groups in Palestine
2021-04-21 18:59

Social media giant Facebook today announced that it took action against two groups of hackers originating from Palestine that abused its infrastructure for malware distribution and account compromise across the Internet. As part of the shutdown operation, Facebook took down accounts, blocked domains, sent alerts to people who were targeted, and released malware hashes to the public.

Member of FIN7 Hacking Group Sentenced to US Prison
2021-04-19 11:39

A Ukrainian national arrested for his role in a hacking group that compromised millions of financial accounts was sentenced to a decade in prison, US prosecutors said Friday. Fedir Hladyr, 35, had a high-level role as a manager and systems administrator for a hacking group known as FIN7, authorities said.

SolarWinds Hacking Campaign Puts Microsoft in the Hot Seat
2021-04-19 10:29

The SolarWinds hackers took full advantage of what George Kurtz, CEO of top cybersecurity firm CrowdStrike, called "systematic weaknesses" in key elements of Microsoft code to mine at least nine U.S. government agencies - the departments of Justice and Treasury, among them - and more than 100 private companies and think tanks, including software and telecommunications providers. The campaign's "hallmark" was the intruders' ability to impersonate legitimate users and create counterfeit credentials that let them grab data stored remotely by Microsoft Office, the acting director of the Cybersecurity Infrastructure and Security Agency, Brandon Wales, told a mid-March congressional hearing.

Ryuk ransomware operation updates hacking techniques
2021-04-17 14:15

Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network. Security researchers from the threat intelligence boutique Advanced Intelligence observed that Ryuk ransomware attacks this year relied more often on compromising exposed RDP connections to gain an initial foothold on a target network.

SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence
2021-04-17 02:44

A high-level manager and systems administrator associated with the FIN7 threat actor has been sentenced to 10 years in prison, the U.S. Department of Justice announced Friday. Fedir Hladyr, a 35-year-old Ukrainian national, is said to have played a crucial role in a criminal scheme that compromised tens of millions of debit and credit cards, in addition to aggregating the stolen information, supervising other members of the group, and maintaining the server infrastructure that FIN7 used to attack and control victims' machines.

S3 Ep28.5: Hacking back – is attack an acceptable form of defence? [Podcast]
2021-04-16 18:26

Sophos cybersecurity expert Chester Wisniewski provides excellent, topical and timely commentary on the FBI's recent use of a malware-like method to forcibly clean up hundreds of servers still infected in the Hafnium aftermath.

US Expels Russian Diplomats, Imposes Sanctions for Hacking
2021-04-15 12:56

The Biden administration on Thursday announced the U.S. is expelling 10 Russian diplomats and imposing sanctions against dozens of companies and people, holding the Kremlin accountable for interference in last year's presidential election and the cyber hacking of federal agencies. U.S. intelligence officials alleged in a declassified report last month that Russian President Vladimir Putin authorized influence operations to help Donald Trump in his unsuccessful bid for reelection as president, though there's no evidence Russia or anyone else changed votes or manipulated the outcome.