Security News

Russia is offering its own trusted Transport Layer Security certificate authority to replace certificates that need to be renewed by foreign countries. According to a notice on Russia's public service portal, Gosuslugi, as shown in a translated version in this article's featured art, the certificates will replace foreign security certs if they expire or get yanked by foreign CAs.

Russia may try to dodge sanctions using ransomware payments, warns US Treasury. As the United States and its companies distance themselves from Russia in the wake of its invasion of Ukraine, the Treasury says Russia may be attempting to avoid the sanctions by using ransomware payments.

In a Wednesday threat advisory, Cisco Talos described a campaign it has observed in which a threat actor was offering a supposed distributed denial-of-service tool on Telegram that's purportedly meant to pummel Russian websites. The crisis has brought both new threats and an influx of actors "of varying skill," Cisco said.

Russia has created its own trusted TLS certificate authority to solve website access problems that have been piling up since sanctions began preventing certificate renewals. The sanctions imposed by western companies and governments are preventing Russian sites from renewing existing TLS certificates, causing browsers to block access to sites with expired certificates.

Russia may ramp up ransomware attacks against the United States as a way to avoid sanctions levied against the nation and Vladimir Putin's government for its invasion of Ukraine, U.S. federal authorities are warning. The Financial Crimes Enforcement Network issued a FinCEN Alert on Wednesday advising all financial institutions to remain vigilant against potential efforts to evade the expansive sanctions and other U.S.-imposed restrictions related to the current conflict.

It has been interesting to notice how unimportant and ineffective cyber operations have been in the Russia-Ukraine war. Russia launched a wiper against Ukraine at the beginning, but it was found...

The Treasury Department's Financial Crimes Enforcement Network warned U.S. financial institutions this week to keep an eye out for attempts to evade sanctions and U.S.-imposed restrictions following Russia's invasion of Ukraine. FinCEN said [PDF] that it's critical to "identify and quickly report suspicious activity associated with potential sanctions evasion, and conduct appropriate risk-based customer due diligence or, where required, enhanced due diligence."

Lumen Technologies, the internet backbone provider formerly known as CenturyLink, has quit Russia. Other tech firms that have quit Russia have also cited opposition to the invasion as a prime reason for withdrawing services, sales, and other operations.

The findings of the report take into account security events occurring across more than 120,000 user accounts during the period of January 1st to December 31st, 2021 and show that the vast majority of attacks on top SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox are originating from the countries of Russia and China. Over the last several weeks, there has been a sharp rise in activity from countries with consistently high levels of both attempted and successful attacks originating within their borders - Russia and China.

To protect client data during the ongoing conflicts, Cloudflare has removed all customer encryption keys from data centers located in Ukraine, Russia, and Belarus, and deployed its "Keyless SSL" technology. The second measure is the addition of a forceful configuration on all servers located in Ukraine, Belarus, and Russia, to automatically brick in the case of a power loss or internet connection disruption.