Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack

The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence Service (SVR). The U.S. and U.K. attributed with “high confidence” the supply chain attack on SolarWinds to operatives working for Russia’s Foreign Intelligence Service (SVR) (aka APT29, Cozy Bear, and The Dukes). The UK, US […]

Solarwinds Timeline-of-Solorigate-attacks

The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence Service (SVR).

The U.S. and U.K. attributed with “high confidence” the supply chain attack on SolarWinds to operatives working for Russia’s Foreign Intelligence Service (SVR) (aka APT29, Cozy Bear, and The Dukes).

The UK, US and their international partners blame Russia of attempting to destabilize our societies.

“The UK and US are today calling out Russia for carrying out the SolarWinds compromise, part of a wider pattern of activities by the Russian Intelligence Services against the UK and our allies.”reads the press release published by the U.K. government.

“Russia’s pattern of malign behaviour around the world – whether in cyberspace, in election interference or in the aggressive operations of their intelligence services – demonstrates that Russia remains the most acute threat to the UK’s national and collective security.”

According to the US government, the SolarWinds attack was conducted by the SVR, nation-state actors compromised U.S. government and private organizations in many industries, including the financial sector and critical infrastructure.

The SVR also stole “red team tools,” used by security firms to mimic the techniques of attacks associated with known threat actors and help their customers to detect them.  

The Biden administration announced the US government is expelling 10 Russian diplomats and imposing sanctions against technology firms and people linked to Russian intelligence that attempted to interfere in last year’s presidential election and for conducting cyberattacks against federal agencies.

“Today, the U.S. Department of the Treasury took multiple sanctions actions under a new Executive Order (E.O.) targeting aggressive and harmful activities by the Government of the Russian Federation.”states the U.S. Department of the Treasury. “Treasury’s actions include the implementation of new prohibitions on certain dealings in Russian sovereign debt, as well as targeted sanctions on technology companies that support the Russian Intelligence Services’ efforts to carry out malicious cyber activities against the United States.”

The sanctions against Russia have been imposed for:

  • undermining the conduct of free and fair elections and democratic institutions in the United States and its allies and partners;
  • engaging in and facilitating malicious cyber activities against the United States and its allies and partners that threaten the free flow of information;
  • fostering and using transnational corruption to influence foreign governments;
  • pursuing extraterritorial activities targeting dissidents or journalists;
  • undermining security in countries and regions important to the United States’ national security; and violating well-established principles of international law, including respect for the territorial integrity of states.

The following six technology companies were accused of providing support to the cyber operations carried out by Russian Intelligence Services:

  • ERA Technopolis;
  • Pasit, AO (Pasit); 
  • Federal State Autonomous Scientific Establishment Scientific Research Institute Specialized Security Computing Devices and Automation (SVA); 
  • Neobit, OOO (Neobit); 
  • Advanced System Technology, AO (AST);
  • Pozitiv Teknolodzhiz, AO (Positive Technologies).

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, SVR)

[adrotate banner=”5″]

[adrotate banner=”13″]