18 C
Jaipur
Tuesday, November 24, 2020

Russian Hackers Attack U.S. Government Networks

Must read

facebook: Facebook, Google and Microsoft ask Malaysia PM to reinstate foreign ship cable waiver: Report – Latest News

Microsoft, Google and Facebook have asked Malaysia's Prime Minister to reinstate an exemption allowing non-Malaysian ships to carry out repairs to submarine cables in...

Microsoft: Innovation a “must” for 77% businesses in India: Report – Latest News

A large number of organisations in the country believe 'innovation' is important for their performance and resilience with many saying they are accelerating the...

Google Fit Gets New UI and Features on Wear OS; Start Rolling out This Week

Earlier last week, Google Fit received a huge revamp that enables users to view all of their fitness data in a central hub. This...

CISA & FBI released a joint alert detailing Russian state-sponsored advanced persistent threat (APT) targeting various U.S. government networks to steal sensitive data.

Russian State-sponsored actors group such as Berserk Bear, Energetic Bear, TeamSpy, Dragonfly, Havex, Crouching Yeti, and Koala are active since 2010 and targeting various U.S. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks.

Data Stolen From Government networks

According to the joint alert the group has compromised many government networks and gained access to sensitive files that includes;

  • Sensitive network configurations and passwords.
  • Standard operating procedures (SOP), such as enrolling in multi-factor authentication (MFA).
  • IT instructions, such as requesting password resets.
  • Vendors and purchasing information.
  • Printing access badges.

“The Russian state-sponsored APT actor has targeted dozens of SLTT government and aviation networks, attempted intrusions at several SLTT organizations, successfully compromised network infrastructure, and as of October 1, 2020, exfiltrated data from at least two victim servers.”

Once these threat actors gained initial access to the network, then they move inside the network and locate for high-value assets to exfiltrate data.

“To date, the FBI and CISA have no information to indicate this APT actor has intentionally disrupted any aviation, education, elections, or government operations. However, the actor may be seeking access to obtain future disruption options, to influence U.S. policies and actions, or to delegitimize SLTT government entities.”

FBI and CISA on=bserved that the threat actor group vulnerable Citrix and Microsoft Exchange services and identified vulnerable systems, likely for future exploitation.

It is recommended to fix the updated applications and prioritize patching for external-facing applications and remote access services to address vulnerabilities including CVE-2019-19781, CVE-2020-0688, CVE 2019-10149, CVE-2018-13379, and CVE-2020-1472.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

GitHub Launches Code Scanning Tool to Find Security Vulnerabilities – Available for All Users

Beware of the New Critical Zerologon Vulnerability in The Windows Server

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

facebook: Facebook, Google and Microsoft ask Malaysia PM to reinstate foreign ship cable waiver: Report – Latest News

Microsoft, Google and Facebook have asked Malaysia's Prime Minister to reinstate an exemption allowing non-Malaysian ships to carry out repairs to submarine cables in...

Microsoft: Innovation a “must” for 77% businesses in India: Report – Latest News

A large number of organisations in the country believe 'innovation' is important for their performance and resilience with many saying they are accelerating the...

Google Fit Gets New UI and Features on Wear OS; Start Rolling out This Week

Earlier last week, Google Fit received a huge revamp that enables users to view all of their fitness data in a central hub. This...

Niti Aayog forms panel to study feasibility of ultrahigh-speed travel in India using Hyperloop tech – Latest News

Government think-tank Niti Aayog has formed a high-level panel to explore the technological and commercial viability of the Virgin Hyperloop technology for ultrahigh speed...