Date: 2021-04-16

US Issues Russian SVR Warning

America has issued a cybersecurity advisory that urges organizations to patch vulnerabilities it says are being exploited by Russian Foreign Intelligence Service (SVR) actors.

The warning was jointly issued on April 15 by the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI), as the US announced new sanctions against Russia.

Titled "Russian SVR Targets US and Allied Networks," the advisory lists five publicly known vulnerabilities and calls for network defenders to act quickly to "prevent future loss of sensitive information."

The vulnerabilities the United States says are being exploited by SVR are CVE-2018-13379 (Fortinet FortiGate VPN), CVE-2019-9670 (Synacor Zimbra Collaboration Suite), CVE-2019-11510 (Pulse Secure Pulse Connect Secure VPN), CVE-2019-19781 (Citrix Application Delivery Controller and Gateway), and CVE-2020-4006 (VMware Workspace ONE Access).

"This advisory is being released alongside the US Government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign," stated the NSA.

"We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them."

The agency said that the SVR actors, also known as APT29, Cozy Bear, and The Dukes, are exploiting the vulnerabilities in an effort to gain access by obtaining authentication credentials.

"Mitigation against these vulnerabilities is critically important as US and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors," warned the NSA. 

"In addition to compromising the SolarWinds Orion software supply chain, recent SVR activities include targeting COVID-19 research facilities via WellMess malware and targeting networks through the VMware vulnerability disclosed by NSA."

Commenting on the advisory, K2 Cyber Security co-founder and CTO Jayant Shukla said: "The easiest way to secure an organization is to keep software up to date and patched."

He added: "Unfortunately, patching often takes organizations a significant amount of time due to testing and compliance requirements, so the sooner they can start the process the better off they will be. 

"For those applications that can be protected during runtime with newer technologies like virtual patching, organizations should implement solutions to keep these vulnerabilities from being exploited."
