[CDP-development] CISA, FBI, NSA and UK NCSC Issue Joint Advisory on Russian Cyber Actors' Malicious Cyber Activity
Masse, Theresa
theresa.masse at cisa.dhs.gov
Tue Apr 18 08:48:43 PDT 2023
FYSA
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the UK National Cyber Security Centre (NCSC) released a joint advisory<https://www.cisa.gov/news-events/alerts/2023/04/18/apt28-exploits-known-vulnerability-carry-out-reconnaissance-and-deploy-malware-cisco-routers> to provide details of tactics, techniques and procedures (TTPs) associated with Advanced Persistent Threat (APT28) exploitation of Cisco routers in 2021.
APT28 - a threat group attributed to Russia's military intelligence service the GRU - has been observed taking advantage of poorly configured networks and exploiting a known vulnerability to deploy malware and access Cisco routers worldwide. In 2021, a series of attacks were carried out against a small number of US government institutions, organizations based in Europe and around 250 Ukrainian victims for reconnaissance, with malware called "Jaguar Tooth" being deployed against some targeted devices to enable unauthenticated access.
The authoring agencies strongly recommends organizations follow the mitigation advice to defend against this activity. This includes applying the security update released by Cisco to address the vulnerability CVE-2017-6742.
Theresa A. Masse
Cybersecurity State Coordinator/Advisor, Region 10 (Oregon)
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Phone: (503) 930-5671
Email: theresa.masse at cisa.dhs.gov<mailto:theresa.masse at cisa.dhs.gov>
[cid:image001.png at 01D971D2.864B4150]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230418/09150f9b/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 16152 bytes
Desc: image001.png
URL: <https://omls.oregon.gov/pipermail/cdp-development/attachments/20230418/09150f9b/attachment-0001.png>
More information about the CDP-development
mailing list