The United States government issued a warning about the continued attacks coordinated by the Russian foreign intelligence service SVR, also known as APT29. The statement came jointly through the FBI, the US Department of Homeland Security (DHS), and the Cyber Security and Infrastructure Security Agency (CISA), recently
According to the security organizations involved, the attacks are directed against the United States and foreign organizations. In addition, the Joint Advisory recently released additional information on the tactics, tools, techniques, and capabilities of APT29. This additional information will help protect the networks of government agencies, think tanks, policy analysis organizations, IT companies, and other potential SVR targets.
The current <a href=”https://us-cert.cisa.gov/ncas/alerts/aa21-116a”>security advisory</a> complements a previous one released on April 15, which contains information about vulnerabilities exploited by the Russian-backed APT hacking group to breach national security and government-related networks in the US and around the world. T29 state hackers attacked and breached several cybersecurity companies, including FireEye, Malwarebytes, Mimecast, and US federal and state agencies.
The Tactics, Techniques and Procedures document can be accessed via <a href=”https://us-cert.cisa.gov/ncas/alerts/aa21-116a”>this link</a>.
For more information, read the <a href=”https://www.bleepingcomputer.com/news/security/us-warns-of-russian-state-hackers-still-targeting-us-foreign-orgs/” target=”_blank” rel=”noopener”>original story</a> in Bleeping Computer