Security News
Russia's infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country's US embassy. "The Russian Intelligence Services' third arm, the SVR, is responsible for the 2020 exploit of the SolarWinds Orion platform and other information technology infrastructures. This intrusion compromised thousands of US government and private sector networks," said the US Treasury.
The NSA reckons Russian government hackers are actively abusing a critical security hole in VMware's software to infiltrate victims' networks. "Russian state-sponsored malicious cyber actors are exploiting a vulnerability in VMware Access and VMware Identity Manager products, allowing the actors access to protected data and abusing federated authentication," a cybersecurity notice [PDF] published on Monday warns.
Six men have been named as Russian military hackers and accused of spreading malware, disrupting the Olympics in retaliation for Russia's doping ban, and meddling with elections as well as probes into Novichok poisonings. They are accused of targeting South Koreans, athletes, International Olympic Committee officials, and more with spear-phishing and malicious mobile apps in the run-up to the 2018 Winter Olympics in Pyeongchang, South Korea.
The Kremlin on Thursday denied claims by Britain that "Russian actors" sought to meddle in last year's general election and that Russian intelligence services most likely hacked coronavirus vaccine research. "We have no information on who could have hacked pharmaceutical companies and research centres in Britain," Kremlin spokesman Dmitry Peskov told the TASS news agency.
The NSA has raised the alarm over what it says is Russia's active exploitation of a remote-code execution flaw in Exim for which a patch exists. The American surveillance super-agency said [PDF] on Thursday the Kremlin's military intelligence hackers are actively targeting some systems vulnerable to CVE-2019-10149, a security hole in the widely used Exim mail transfer agent that was fixed last June.
The Russian government, via mouthpiece RIA Novosti, has claimed Korean tech giant Samsung will comply with a controversial Russian law passed in November that forces smartphones and computers to come pre-installed with domestic-made shovelware. "Samsung Electronics will be ready to meet the requirements of the Russian legislation provided by the regulator and adapt the company's activities in accordance with the adopted regulations," the state-owned wire service quoted a "Representative" as telling it.
... Are ... are we the baddies? Hackers from the Five Eyes intelligence agencies have been accused of breaking into systems at Yandex, dubbed Russia's Google.…
You satmad, bro? Misinformation coming from Russia isn't merely an internet phenomenon; it also affects navigation systems.…
'Hundreds' of intrusions, switch could be pulled anytime, where have we heard this before? The US Department of Homeland Security is once again accusing Russian government hackers of penetrating...