Security News

Following sanctions announced by the U.S. Department of the Treasury last week, Russian cyber-security firm Positive Technologies says the accusations are groundless. Positive Technologies, one of the sanctioned organizations, says it has thousands of customers in 30 countries, including large banks and telecommunications companies, but also lists on its website the Russian government as being one of its customers.

The US government sanctioned this week twenty-eight cryptocurrency addresses allegedly associated with entities or individuals linked to Russian cyberattacks or election interference. The US government introduced these sanctions in an executive order by President Biden that formally announced that the Russian SVR, and its hacking division, commonly referred to as APT29, The Dukes, or Cozy Bear, were behind the recent SolarWinds supply chain attack.

Positive Technologies has hit back at the US government's "Groundless accusations" that it helped the Russian state carry out cyber attacks against the West - by highlighting how "Government agencies of different countries" use its products. Yesterday the US Treasury declared that Positive was selling weaponised infosec tech to the Russian government and ran recruiting events for state hacking agencies, which some Western news outlets have interpreted as meaning the company's flagship Positive Hack Days events.

The Treasury Department on Thursday slapped six Russian technology companies with sanctions for supporting Kremlin intelligence agencies engaged in "Dangerous and disruptive cyber attacks." Only one of them stands out for its international footprint and partnerships with such IT heavyweights as Microsoft and IBM. That company, Positive Technologies, claims more than 2,000 customers in 30 countries, including major European banks Societe Generale and ING, as well as Samsung, SK Telecom of South Korea and BT, the British telecommunications giant.

The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies. The press release from the White House confirms past media reports citing unofficial sources that the Russian Foreign Intelligence Service, the SVR, was behind the SolarWinds hack.

The U.S. government on Thursday warned that Russian APT operators are exploiting five known - and already patched - vulnerabilities in corporate VPN infrastructure products, insisting it is "Critically important" to mitigate these issues immediately. According to the NSA, the five vulnerabilities should be prioritized for patching alongside the newest batch of Exchange Server updates released by Microsoft earlier this week.

A joint advisory from the U.S. National Security Agency, the Cybersecurity and Infrastructure Security Agency, and the Federal Bureau of Investigation warn that the Russian Foreign Intelligence Service is exploiting five vulnerabilities in attacks against U.S. organizations and interests. In an advisory issued today, the NSA said that it is aware of the Russian SVR using these vulnerabilities against public-facing services to obtain authentication credentials to further compromise the networks of US corporate and government networks.

The Biden administration on Thursday announced the U.S. is expelling 10 Russian diplomats and imposing sanctions against dozens of companies and people, holding the Kremlin accountable for interference in last year's presidential election and the cyber hacking of federal agencies. U.S. intelligence officials alleged in a declassified report last month that Russian President Vladimir Putin authorized influence operations to help Donald Trump in his unsuccessful bid for reelection as president, though there's no evidence Russia or anyone else changed votes or manipulated the outcome.

The organization that oversees Sweden's national sports federations was hacked by Russian military intelligence in 2017-18, officials said Tuesday, in a data-breaching campaign that also affected some of the world's leading sporting bodies, including FIFA and the World Anti-Doping Agency. Swedish prosecutors said the "Repeated and comprehensive breaches" of the Swedish Sports Confederation by GRU resulted in athletes' personal details, such as medical records, being accessed and that information being published by Swedish media.

Several German lawmakers have once again fallen victim to a cyber attack, local media said Friday, with security experts pointing the finger at Russian hackers. Hackers used phishing emails to gain access to the computers of at least seven federal MPs and 31 lawmakers in regional parliaments, according to Der Spiegel weekly.