Security News

Here's what Russia's SVR spy agency does when it breaks into your network, says US CISA infosec agency
2021-04-27 17:03

Following attribution of the SolarWinds supply chain attack to Russia's APT29, the US CISA infosec agency has published a list of the spies' known tactics - including a penchant for using a naughtily named email provider. APT29 is the Western infosec world's codename for what we now know is the Russian Foreign Intelligence Service, known by its Russian acronym SVR. As well as publishing a list of things US counterintelligence know about their Russian offensive counterparts, CISA has also added some advice on how to avoid these common Russian intelligence compromise tactics.

US Air Force Adopts Zero Trust to Secure Flightline Operations
2021-04-27 15:55

As the information infrastructure expands with new technologies and locations, zero trust allows organizations to focus on protecting the data, regardless of where it is sourced or how it is used. Now the U.S. Air Force has adopted zero trust to improve and protect its flightline.

US warns of Russian state hackers still targeting US, foreign orgs
2021-04-26 15:16

The FBI, the US Department of Homeland Security, and the Cybersecurity and Infrastructure Security Agency warned today of continued attacks coordinated by the Russian Foreign Intelligence Service against US and foreign organizations. With access to the administrative account, the actors modified permissions of specific e-mail accounts on the network, allowing any authenticated network user to read those accounts.

US aviation regulator warns of mid-air collision risk if Garmin TCAS boxes are not updated
2021-04-22 19:30

American aviation regulators have ordered private jet operators to install software updates for Garmin collision avoidance units after multiple reports of false alarms - raising the risk of a mid-air crash. The affected Garmin products, its GTS 8000 series, generated seven false Traffic Collision Avoidance System warnings, said the US Federal Aviation Administration in a formal Airworthiness Directive published [PDF] earlier this month.

US Takes New Aim at Ransomware After Most Costly Year
2021-04-21 18:55

The Justice Department is taking new aim at ransomware after a year that officials say was the most costly on record for the crippling cyberattacks. Formation of a task force of FBI agents and Justice Department prosecutors is an acknowledgment of the growing threat posed by ransomware attacks, in which hackers lock up computer data and demand ransom payments in order to give it back.

US Takes Steps to Protect Electric System From Cyberattacks
2021-04-20 14:23

The Biden administration is taking steps to protect the country's electric system from cyberattacks through a new 100-day initiative combining federal government agencies and the private industry. The initiative, announced Tuesday by the Energy Department, encourages owners and operators of power plants and electric utilities to improve their capabilities for identifying cyber threats to their networks.

What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis
2021-04-19 15:27

Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses climate change and the cyber-resilience lessons companies should take away from dealing with the pandemic. While COVID-19 caught many businesses off guard, smart executives are already thinking about the next global crisis and what challenges it might present for IT security.

Sysadmin for FIN7 criminal cracking group gets 10 years in US prison for managing card slurping malware scam
2021-04-19 14:15

The former systems administrator for the FIN7 card-slurping gang has been sentenced to 10 years in a US prison. Fedir Hladyr, 35, pled guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking last year, and on Friday was sentenced for his role in the theft and resale of more than 20 million customer card records from over 6,500 point-of-sale terminals across the US using the malware dubbed Carbanak.

Member of FIN7 Hacking Group Sentenced to US Prison
2021-04-19 11:39

A Ukrainian national arrested for his role in a hacking group that compromised millions of financial accounts was sentenced to a decade in prison, US prosecutors said Friday. Fedir Hladyr, 35, had a high-level role as a manager and systems administrator for a hacking group known as FIN7, authorities said.

US sanctions cryptocurrency addresses linked to Russian cyberactivities
2021-04-18 16:07

The US government sanctioned this week twenty-eight cryptocurrency addresses allegedly associated with entities or individuals linked to Russian cyberattacks or election interference. The US government introduced these sanctions in an executive order by President Biden that formally announced that the Russian SVR, and its hacking division, commonly referred to as APT29, The Dukes, or Cozy Bear, were behind the recent SolarWinds supply chain attack.