White House formally blames Russian intelligence service SVR for SolarWinds hack
therecord.media/white-house-formally-blames-russian-intelligence-service-svr-for-solarwinds-hack/ In a press release today announcing a broad set of sanctions against the Russian government, the Biden administration has formally named the Russian Foreign Intelligence Service, also known as the SVR, as the perpetrator of the 2020 SolarWinds Orion supply chain attack. The White House said that SVR's hacking unit, known as APT 29, Cozy Bear, or The Dukes, exploited the SolarWinds Orion platform and other information technology infrastructures as part of a broad-scope cyber espionage campaign. See also
www.whitehouse.gov/briefing-room/statements-releases/2021/04/15/fact-sheet-imposing-costs-for-harmful-foreign-activities-by-the-russian-government/ and home.treasury.gov/news/press-releases/jy0127 and
www.gov.uk/government/news/russia-uk-exposes-russian-involvement-in-solarwinds-cyber-compromise and www.nato.int/cps/en/natohq/official_texts_183168.htm
Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks
www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2573391/russian-foreign-intelligence-service-exploiting-five-publicly-known-vulnerabili/ This advisory is being released alongside the U.S. Government's formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them. See also
us-cert.cisa.gov/ncas/current-activity/2021/04/15/nsa-cisa-fbi-joint-advisory-russian-svr-targeting-us-and-allied. and us-cert.cisa.gov/ncas/analysis-reports/ar21-105a
Second Google Chrome zero-day exploit dropped on twitter this week
www.bleepingcomputer.com/news/security/second-google-chrome-zero-day-exploit-dropped-on-twitter-this-week/ A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers.
Possible criminal interference in payment traffic between the National Emergency Supply Agency (Huoltovarmuuskeskus, HVK) and a supplier. HVK has suffered no financial loss, and a large part of the payment has already been returned to HVK's account.
www.huoltovarmuuskeskus.fi/a/huoltovarmuuskeskuksen-ja-tavarantoimittajan-valisessa-maksuliikenteessa-mahdollinen-rikollinen-valiintulo-hvklle-ei-ole-syntynyt-taloudellista-vahinkoa-ja-suuri-osa-ma… The National Emergency Supply Agency (HVK) has filed a request for investigation with the police and asked the money laundering unit of the National Bureau of Investigation to determine whether criminal interference is involved in the payment traffic between HVK and one of its suppliers. The request for investigation concerns a payment totalling approximately 1.3 million euros.
University of Hertfordshire pulls the plug on, well, everything after cyber attack
www.theregister.com/2021/04/15/university_hertfordshire_cyber_attack/ The University of Hertfordshire has fallen victim to a cyber attack that has resulted in the establishment pulling all its systems offline to deal with the situation.
The Biden Administration Just Accused A $1 Billion Russian Cybersecurity Company Of Recruiting Spies
www.forbes.com/sites/thomasbrewster/2021/04/15/the-biden-administration-just-accused-a-1-billion-russian-cybersecurity-company-of-recruiting-spies/ Despite being valued at $1 billion and growing to become a major force in the cybersecurity industry, Moscow-based Positive Technologies has just been accused by the U.S. government of helping and recruiting for Russian spy agencies.
Gafgyt Botnet Lifts DDoS Tricks from Mirai
threatpost.com/gafgyt-botnet-ddos-mirai/165424/ The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices.
Huge upsurge in DDoS attacks during pandemic
blog.malwarebytes.com/reports/2021/04/huge-upsurge-in-ddos-attacks-during-pandemic/