The U.S. and U.K. jointly reveal code flaws abused by Solarwind Hackers

A report has been jointly released by three U.S. agencies and a U.K. agency on Friday, revealing details about how Russia’s foreign intelligence service operates in cyberspace, the latest effort to try to sever future attacks.

The report consists of technical resources about the group’s tactics, including breaching email in order to find information and passwords to further infiltrate organizations. Additionally, the report provided software flaws commonly exploited by hackers. It also offers details about how network administrators can counter the attackers’ tactics.

“The group uses a variety of tools and techniques to predominantly target overseas governmental, diplomatic, think-tank, health-care and energy targets globally for intelligence gain,” the U.S and the U.K. wrote in a Friday report authored jointly by the U.K.’s National Cyber Security Centre and three U.S. agencies, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency.

President of the U.S.A., Joe Biden, imposed sanctions on Russia a month ago following a supply-chain attack that compromised popular software by the Texas-based firm SolarWinds Corp. This cyberattack further broke into nine government agencies and at least 100 private-sector companies. Biden attributed the attack to Russia’s civilian foreign intelligence service, SVR. SVR’s hacking group is known by different names, including APT29, Cozy Bear, and The Dukes.

“The SVR is a technologically sophisticated and highly capable cyber-actor. It has developed capabilities to target organizations globally, including in the U.K., U.S., Europe, NATO member states and Russia’s neighbors,” according to the report.

Last year, the two countries accused the same hacking group of targeting Covid-19 vaccine-making organizations. Cybersecurity analysts have also tied the group to attacks against governments and organizations across the globe, including an infamous attack on the Democratic National Committee’s servers ahead of the U.S. 2016 election.

“Like other sophisticated cyber-actors, the SVR is known to rapidly exploit vulnerabilities once publicly known,” said Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, according to Bloomberg.

“We recommend that critical system owners, including state and local governments and private-sector partners, prioritize this advisory and apply recommended actions to mitigate this ongoing and evolving SVR cyber threat,” he said in an emailed statement.

Two other advisories were released by the U.S. in April that were focused on SVR hackers, which detailed coding flaws they used to breach networks in the U.S. and allied countries as well as tactical trends for which network defenders should prepare.

Friday’s report revealed that a vulnerability in Microsoft Corp.’s Exchange software for email, which was previously exploited by suspected Chinese hackers to target thousands of organizations earlier this year, was utilized by the Russian group.

SOURCE

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More like this

Microsoft May Discontinue Skype in May 2025, Push Users...

Microsoft appears to be preparing to phase out Skype. In the latest preview of Skype for Windows,...

Majorana 1: Microsoft’s First Quantum Chip and the Science...

Microsoft introduced its first quantum computing chip on Wednesday and claimed that quantum computing might become real...

Microsoft’s New Surface CoPilot+ Laptops with Core Ultra Series...

Microsoft has just unveiled its most intelligent business laptops yet, combining powerful AI capabilities with a Mircsleek...
Microsoft

How Much is Microsoft Net Worth in 2025?

Microsoft Net Worth in 2025 - All You Need to Know Microsoft, a stalwart in the technology industry,...
Apple Nears $4 Trillion Valuation, Surpasses Nvidia and Microsoft

Apple Nears $4 Trillion Valuation, Surpasses Nvidia and Microsoft

Apple Inc., the world’s most valuable company, is on the brink of achieving a historic milestone: a...

LATEST NEWS

WPL 2025: Mooney, Dottin, And Kanwar Shine As Giants Secure Dominant Win To Climb To Second Place

It was far from a joyful homecoming for UP Warriorz, who suffered a heavy defeat against Gujarat Giants at the Ekana Stadium, slipping from...

UEFA Champions League 2024/25: Real Madrid vs Atletico Madrid – Preview and Prediction and Where to Watch the Match Live?

Real Madrid aims to capitalize on home advantage as they welcome fierce rivals Atlético for the first leg of their Champions League last-16 clash...

Exclusive: The Top 10 PC Games Available on MacOS as of 2025

PC Games Available on macOS: While macOS has never been as synonymous with gaming as Windows, there are a growing number of excellent titles...

ASUS Brings AMD Radeon RX 9070 Series GPUs: The Future of Gaming Graphics

Picture this: You’re immersed in the latest open-world game, marveling at the lifelike reflections in a rain-soaked city street, when suddenly you realize -...

Featured