Microsoft warns of ‘sophisticated’ Russian email attack targeting government agencies

By Jon Porter
The Verge
 18 days ago

Microsoft has raised the alarm over a “sophisticated” ongoing cyberattack believed to be from the same Russia-linked hackers behind the SolarWinds hack. In a blog post, Tom Burt, Microsoft’s corporate vice president for customer security and trust, said the attack appears to be targeting government agencies, think tanks, consultants, and NGOs. In total, around 3,000 email accounts are believed to have been targeted across 150 organizations. Victims are spread across upward of 24 countries, but the majority are believed to be in the US.

www.theverge.com
Software | nationalcybersecuritynews.today

Hackers targeting ‘anything that looks vulnerable’ in Microsoft Exchange attacks, official says – National | #microsoft | #hacking | #cybersecurity

The head of Canada’s Cyber Centre is urging organizations to close a door in their Microsoft Exchange email servers that had been left wide open for hackers to exploit. While many companies have already patched their systems, some have yet to do so – and for those businesses, it may already be too late.
Public Safety | nationalcybersecuritynews.today

Public Sector, Another Vulnerable Target to Attackers | #microsoft | #hacking | #cybersecurity

Cybercriminals are continually scheming ways to get their hands on your sensitive data. Learn how to protect your data & stakeholders before it’s too late. Private and public sector organizations alike were surprised by the SolarWinds cyber attack that was announced by FireEye in December 2020. As one of the largest cyber attacks in history, it affected 18,000 of its customers globally. By injecting code into SolarWinds’ Orion platform, hackers carried out a supply chain attack that allowed them to infiltrate the IT systems of many private and public sector organizations globally, including:
U.S. Politics | Posted by FOX26

Biden weighs direct action against Russian targets following cyberattacks

WASHINGTON (Sinclair Broadcast Group) — Between the massive SolarWinds hack that targeted U.S. government agencies and the debilitating ransomware attack that shut down Colonial Pipeline last month, the targeting of the global meatpacking giant JBS marked the third major cyberattack the administration has laid at the feet of the Russian government in less than two months.
Fraud Crimes | nationalcybersecuritynews.today

US will be hit by MORE ransomware attacks by gangs linked to foreign governments, cybersecurity official warns | #cybersecurity | #cyberattack

THE US will be hit by more ransomware attacks carried out by gangs linked to foreign governments, top cybersecurity officials have warned. America has been hit by a series of devastating hacks in recent months that have targeted national interests, including an attack on meatpacking firm JBS and the days-long shutdown of the Colonial Pipeline.
Technology | nationalcybersecuritynews.today

Microsoft: How ‘zero trust’ can protect against sophisticated hacking attacks | #microsoft | #hacking | #cybersecurity

The variety of techniques used by the SolarWinds hackers was sophisticated yet in many ways also ordinary and preventable, according to Microsoft. To prevent future attacks of similar levels of sophistication, Microsoft is recommending organizations adopt a “zero trust mentality”, which disavows the assumption that everything inside an IT network is safe. That is, organizations should assume breach and explicitly verify the security of user accounts, endpoint devices, the network and other resources.
Fraud Crimes | bleepingcomputer.com

US: Russian threat actors likely behind JBS ransomware attack

The White House has confirmed today that JBS, the world's largest beef producer, was hit by a ransomware attack over the weekend coordinated by a group likely from Russia. While the company already issued an official statement saying that some of its North American and Australian IT systems were affected by a cyberattack on Sunday, it did not call it a ransomware attack.
Technology | nationalcybersecuritynews.today

Security researcher says attacks on Russian government have Chinese fingerprints — and typos, too • The Register | #linux | #linuxsecurity

An advanced persistent threat that Russia found inside government systems was too crude to have been the work of a western nation, says security researcher Juan Andrés Guerrero-Saade of Sentinel Labs, before suggesting the malware came from a Chinese entity. Russian telco and IT services provider Rostelecom and the nation’s...
Washington State | nationalcybersecuritynews.today

‘No company is safe’ from ransomware attacks, White House warns | Washington Examiner | #government | #hacking | #cyberattack

A series of major ransomware attacks targeting gasoline and meat supplies as well as the federal government and human rights groups prompted the White House to push businesses and companies to take cyberattacks more seriously on Thursday. In a letter addressed to corporate executives and business leaders, Anne Neuberger, the...
World | nationalcybersecuritynews.today

‘Flattered’ Russian spy chief denies SolarWinds attack – BBC | #government | #hacking | #cyberattack

Russia’s spy chief on Tuesday denied responsibility for the SolarWinds (SWI.N) cyber attack but said he was “flattered” by the accusations from the United States and Britain that Russian foreign intelligence was behind such a sophisticated hack. The United States and Britain have blamed Russia’s Foreign Intelligence Service (SVR), successor...
Public Safety | ava360.com

U.S. transit agencies targeted in recent wave of cyberattacks

Two new cyberattacks targeted U.S. transit agencies. New York’s Metropolitan Transit Authority and a Massachusetts ferry service both said their systems were recently compromised by hackers following Monday’s attacks on the world’s largest meat processing company, JBS SA. CBS News chief Justice and Homeland Security correspondent Jeff Pegues reports on the response from Washington, and CBSN technology reporter Dan Patterson joined Tanya Rivero to discuss.
Public Safety | nationalcybersecuritynews.today

Adventures in Contacting the Russian FSB – Krebs on Security | #microsoft | #hacking | #cybersecurity

KrebsOnSecurity recently had occasion to contact the Russian Federal Security Service (FSB), the Russian equivalent of the U.S. Federal Bureau of Investigation (FBI). In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware.
Congress & Courts | Martha's Vineyard Times

Markey walks back comment that Russians attacked SSA

During a press conference in Woods Hole Friday, U.S. Sen. Ed Markey said a ransomware attack on the Steamship Authority’s website and reservation system was the work of Russian hackers. But late Friday, Markey’s press spokesperson texted a Times reporter and asked that the story’s headline be changed. “Senator Markey...
Software | nationalcybersecuritynews.today

Microsoft warns of cryptomining attacks on Kubernetes clusters | #microsoft | #hacking | #cybersecurity

Microsoft warns of an ongoing series of attacks compromising Kubernetes clusters running Kubeflow machine learning (ML) instances to deploy malicious containers that mine for Monero and Ethereum cryptocurrency. The attacks had started towards the end of May when Microsoft security researchers observed a sudden increase in TensorFlow machine learning pod...
U.S. Politics | inforisktoday.com

Securing Identities, Credentials, and Access in Federal Government Agencies

Known as Federal Identity, Credential, and Access Management, FICAM is the U.S. government’s approach to Identity, Credential, and Access Management (ICAM). There are numerous federal laws, policies, and standards that influence the design of FICAM programs. One of these—the OMB 19-17 Memorandum—sets out the federal government’s position on identity, credential, and access management (ICAM) and issues multiple strategic goals for agencies to work towards. These goals are intended to modernize digital operations, thereby improving security and better serving citizens and partners. In this whitepaper, we’ll explore what OMB 19-17 means for your agency. Plus, we’ll discuss how an Okta and Amazon Web Services (AWS) partnership can help you to comply with FICAM requirements and perform at full potential.