Security News

It's an increasingly common way to attack networks. Once inside a network, SVR hackers followed a standard playbook: establish persistent access that will remain even if the initial vulnerability is fixed; move laterally around the network by compromising additional systems and accounts; and then exfiltrate data.

United States secretary of state Mike Pompeo has laid the blame for the SolarWinds hack on Russia, but his boss begs to differ. The Associated Press reports that the White House was set to issue a Friday afternoon statement describing Russia as "The main actor" behind the incident, but that staff were told to stand down instead. At the time of writing the State Department, National Security Agency, White House, Cybersecurity and Infrastructure Security Agency, and president Trump all appear not to have attempted to reconcile the administration's conflicting view on the incident.

Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China - not Russia - may be behind the cyberattack against the United States and tried to minimized its impact. Officials at the White House had been prepared to put out a statement Friday afternoon that accused Russia of being "The main actor" in the hack, but were told at the last minute to stand down, according to one U.S. official familiar with the conversations who spoke on condition of anonymity to discuss private deliberations.

Russia was "Pretty clearly" behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said. "There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems," Pompeo told The Mark Levin Show on Friday.

A Russian citizen living in Denmark has been charged with espionage for allegedly having provided information about Danish energy technology, among other things, to an unnamed Russian intelligence service, the Danish prosecution authority said Wednesday. If found guilty, the Russian citizen faces up to six years in jail.

In the modern twist on old-fashioned war games, the U.S. military dispatched cyber fighters to Estonia this fall to help the small Baltic nation search out and block potential cyber threats from Russia. The U.S. Cyber Command operation occurred in Estonia from late September to early November, officials from both countries disclosed this week, just as the U.S. was working to safeguard its election systems from foreign interference and to keep coronavirus research from the prying reach of hackers in countries including Russia and China.

State-sponsored programs from China, Russia, Iran and North Korea pose the greatest high-tech threats to Canada, a report from the nation's authority on cyber security warned Wednesday. "The number of cyber threat actors is rising, and they are becoming more sophisticated", the Canadian Centre for Cyber Security said.

Moscow on Tuesday vehemently rejected claims by Microsoft that Russia was behind cyber attacks on companies researching coronavirus vaccines and treatments, saying it was being made a scapegoat. Russian Deputy Foreign Minister Sergei Ryabkov told state news agency RIA Novosti it had become "Politically fashionable" to pin the blame for cyber attacks on Moscow.

The U.S. government has warned hospitals and healthcare providers of an "Increased and imminent" ransomware threat, which some experts have attributed to cybercriminals from Eastern Europe. The organizations say they've received credible information that threat actors are targeting the healthcare sector with the TrickBot malware in attacks that often lead to ransomware infections, data theft and disruption of healthcare services.

Jakub Kroustek found new Dharma ransomware variants that append the. Jakub Kroustek found a new Dharma ransomware variant that appends the.259 extension to encrypted files.