Former U.S. intel operatives to pay $1.6M for hacking for foreign govt

The U.S. government has entered a Deferred Prosecution Agreement (DPA) with three former intelligence operatives to resolve criminal charges relating to their offering of hacking services to a foreign government. Between 2016 and 2019, Marc Baier, Ryan Adams, and Daniel Read More …

NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign

FORT MEADE, Md. – The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and the UK’s National Cyber Security Centre (NCSC) released a Cybersecurity Advisory today exposing malicious cyber activities by Russian military Read More …

Russia to work with US on identifying hackers as part of an agreement, FSB chief says

Russia will cooperate with the United States in the field of identifying ransomware hackers as part of an agreement between the two countries’ presidents, Director of Russia’s Federal Security Service Alexander Bortnikov said in his opening remarks at the IX Read More …

Elizabethan England has nothing on modern-day Russia

The threat landscape is changing. Organizations need to defend against an ever-evolving tranche of threat actors. For a long time, the lines that distinguish state-sponsored and crimeware groups were well-defined. We believe this is no longer the case. In today’s Read More …

Russian state hackers switch targets after US joint advisories

Russian Foreign Intelligence Service (SVR) operators have switched their attacks to target new vulnerabilities in reaction to US govt advisories published last month with info on SVR tactics, tools, techniques, and capabilities used in ongoing attacks. The warning comes after Read More …

PoC exploit released for Microsoft Exchange bug dicovered by NSA

Technical documentation and proof-of-concept exploit (PoC) code is available for a high-severity vulnerability in Microsoft Exchange Server that could let remote attackers execute code on unpatched machines. The flaw is for one of the four that the National Security Agency Read More …

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

The Feds are warning that nation-state actors are once again after U.S. assets, this time in a spate of cyberattacks that exploit five vulnerabilities that affect VPN solutions, collaboration-suite software and virtualization technologies. According to the U.S. National Security Agency Read More …

NSA discovers critical Exchange Server vulnerabilities, patch now

Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. All the flaws lead to remote code execution on a vulnerable machine and were discovered and Read More …

Chinese hackers cloned attack tool belonging to NSA’s Equation Group

Chinese threat actors “cloned” and used a Windows zero-day exploit stolen from the NSA’s Equation Group for years before the privilege escalation flaw was patched, researchers say. On Monday, Check Point Research (CPR) said the tool was a “clone” of Read More …