News

Cyberespionage

Bloomberg | Equities.com |

A notorious Russia-linked hacking group is behind the cyberattack against JBS SA, according to four people familiar with the assault who were not authorized to speak publicly on the matter. The cyber gang goes by the name REvil or Sodinokibi.

While it’s unclear if all of REvil’s hackers operate in Russia, the group’s public face, a user on the dark web cyber-crime forum XSS who goes by the name “Unknown,” exclusively publishes in Russian. REvil typically uses a dark web blog called “Happy Blog” to name victims when they decline to engage in ransom negotiations. REvil has yet to post a blog item dedicated to JBS.


Reuters | Equities.com |

The group behind the SolarWinds cyber attack identified late last year is now targeting government agencies, think tanks, consultants, and non-governmental organizations, Microsoft Corp said on Thursday.

"This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations," Microsoft said in a blog.


AP News | Equities.com |

The Biden administration announced Thursday the U.S. is expelling 10 Russian diplomats and imposing sanctions against several dozen people and companies, holding the Kremlin accountable for interference in last year’s presidential election and the hacking of federal agencies.

The sweeping measures are meant to punish Russia for actions that U.S. officials say cut to the core of American democracy and to deter future acts by imposing economic costs on Moscow, including by targeting its ability to borrow money. The sanctions are certain to exacerbate tensions with Russia, which promised a response, even as President Joe Biden said the administration could have taken even more punitive measures but chose not to in the interests of maintaining stability.


Reuters | Equities.com |

The United States will announce sanctions on Russia as soon as Thursday for alleged election interference and malicious cyber activity, targeting several individuals and entities, people familiar with the matter said.

The sanctions, in which 30 entities are expected to be blacklisted, will be tied with orders expelling about 10 Russian officials from the United States, one of the people said.


AP News | Equities.com |

Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of the Department of Homeland Security and members of the department’s cybersecurity staff whose jobs included hunting threats from foreign countries, The Associated Press has learned.

The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is not publicly known, but the symbolism is stark. Their accounts were accessed as part of what’s known as the SolarWinds intrusion and it throws into question how the U.S. government can protect individuals, companies and institutions across the country if it can’t protect itself.


Kimberly Redmond | Equities.com |

The Biden administration is closely following a newly-discovered breach of Microsoft’s servers for its popular mail and calendar program, Exchange, which was reportedly carried out by Chinese hackers in late January.

Calling it an “active threat” with “a large number of victims,” White House press secretary Jen Psaki told reporters Friday, “We are still looking closely at what happened and the next steps that need to be taken.”


Kimberly Redmond | Equities.com |

Microsoft Corporation said a group of China-based government hackers exploited a bug in the company’s popular email service that enabled it to gain access to US computers in late January.

In a blog post Tuesday, the software giant said a “highly skilled and sophisticated” state-sponsored entity in China hacked its way into Microsoft Exchange servers in order to steal information from a number of organizations, including universities, law firms, i...


Reuters | Equities.com |

A senior Democratic lawmaker said there is a growing appetite for a new federal cybersecurity breach notification law in the wake of a sprawling series of digital intrusions blamed on the Russian government.

The comment, made by Mississippi Representative Bennie Thompson, the chairman of the House’s Homeland Security Committee, comes as cybersecurity executives are facing their second round of congressional questions on Friday over their companies’ roles in the breach centered on Texas software company SolarWinds.


AP News | Equities.com |

Jolted by a sweeping hack that may have revealed government and corporate secrets to Russia, U.S. officials are scrambling to reinforce the nation’s cyber defenses and recognizing that an agency created two years ago to protect America’s networks and infrastructure lacks the money, tools and authority to counter such sophisticated threats.

The breach, which hijacked widely used software from Texas-based SolarWinds Inc., has exposed the profound vulnerability of civilian government networks and the limitations of efforts to detect threats.