Security officials from the UK, U.S., and other international partners have issued a joint advisory warning about Russian state-linked cyber actors, specifically APT29 (CozyBear) and APT28, associated with Russia's Foreign Intelligence Service (SVR), adapting their hacking techniques to target cloud-based infrastructure and compromised Ubiquiti EdgeRouters. The advisory, led by agencies including the FBI, NSA, and CISA, highlights the evolving tactics used by these groups as organizations increasingly move to the cloud. The Russian hackers have expanded their targeting to various sectors, including education and military organizations, using compromised internet routers to facilitate their cyber operations. The advisory also mentions the exploitation of an already-patched Microsoft Outlook vulnerability and urges Ubiquiti EdgeRouter users to upgrade their security settings urgently.
The FBI, NSA, U.S. Cyber Command and international partners warned of a Russia-sponsored group exploiting Ubiquiti EdgeRouters and continuing to exploit an already-patched Microsoft Outlook vulnerability. https://t.co/vB8DNu9PA3
Ubiquiti EdgeRouters Hacks May Be Ubiquitous https://t.co/MhzaDMHZ1X
FBI Issues Alert on Russian Threats Targeting Ubiquiti Routers https://t.co/G1CxyiOjP8
Cybersecurity and law enforcement agencies are warning @Ubiquiti EdgeRouter users to urgently upgrade security settings on the devices, a popular target for Russian nation-state hackers. #cybersecurity #infosec #ITsecurity https://t.co/CO4TeV2BCl
We joined US and international partners to publish a cybersecurity advisory highlighting Russian state-sponsored actor APT28’s compromise of EdgeRouters globally. Read more, to include actions users can take to keep APT28 out of their networks, here: https://t.co/t40qHQLCMu
US Government Urges Cleanup of Routers Infected by Russia’s APT28 #cybersecurity https://t.co/MGtMGW7kzd
Russian hackers using "compromised" internet routers for cyber operations, U.S., international law enforcement warn. https://t.co/l1tWTnov4Y
Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations: https://t.co/8aPU5lhRhu by Security Affairs #infosec #cybersecurity #technology #news
Kremlin-backed hackers are infecting Ubiquity EdgeRouters, FBI warns https://t.co/KE74pyRnDx
One of Russia’s elite cyberespionage threat groups, APT29, has modified its hacking methods as entities it spies on move more of their infrastructure into the cloud, according to Western intelligence agencies. #cybersecurity #infosec #ITsecurity https://t.co/kDm3ZamzkH
Following an international operation led by #FBI Boston, we're releasing a joint #CybersecurityAdvisory warning about Russian state-sponsored cyber actors’ use of compromised Ubiquiti EdgeRouters to facilitate malicious cyber operations. Read it here: https://t.co/HHNbUZaB19 https://t.co/PKWrZeIFqM
Longstanding cyberespionage and data collection units tied to Russia’s Foreign Intelligence Service (SVR) are evolving their techniques to gain access to cloud environments, the British, U.S. and partner governments said in an advisory Monday. https://t.co/zgt2UW7Jis https://t.co/yr1Sgrhvxa
CISA & international partners have published an advisory about how a Russian hacker group has adapted its attack techniques to breach cloud environments. @NCSC has seen these hackers expand targeting to more sectors, including education & military orgs. https://t.co/Jst8G6kUGC https://t.co/7BcqcSIKrx
Russian cyber actors are changing their TTPs to exploit the cloud infrastructure of targets around the globe. We joined @NCSC and other partners to release this advisory and recommend enforcing the cybersecurity fundamentals outlined in the guidance. https://t.co/0fM881pTA6 https://t.co/qW6zgQJvLA
In partnership with @NCSC and other U.S. and international partners, we published a joint advisory on SVR cyber actors adapting tactics for initial cloud access. See recommended mitigations: https://t.co/ud6Jgjht2r https://t.co/cxQMCPZI6K
As the world modernizes to cloud-based systems, we need to do all we can to reduce the attack surface exploited by malicious Russian cyber actors. Check out this joint advisory for more details on techniques used by SVR associated actors. https://t.co/NzHxZU1zAh https://t.co/PU8I906em8
„Malicious cyber actors linked to #Russia’s Foreign Intelligence Service (SVR) are adapting their techniques in response to the increasing shift to cloud-based infrastructure, UK and international security officials have revealed.“ #APT29 #CozyBear https://t.co/6RFepagELe
🚨We’ve published a new joint cyber security advisory revealing evolving tactics used by Russian state-linked cyber actors as more organisations move to cloud-based infrastructure ⬇️ https://t.co/qKs8rtJqiR