Hi All,
The NSA just published Cybersecurity Advisory: Further TTPs associated with SVR cyber actors
This report provides further details of Tactics, Techniques, and Procedures (TTPs) associated with SVR cyber actors. SVR cyber actors are known and tracked in open source as APT29, Cozy Bear, and the Dukes. UK and US governments recently attributed SVR's responsibility for a series of cyber-attacks, including the compromise of SolarWinds and the targeting of COVID-19 vaccine developers. Alongside this attribution, the United States National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA) released an advisory detailing the exploits most recently used by the group. The FBI, Department of Homeland Security (DHS) and CISA also issued an alert providing information on the SVR's cyber tools, targets, techniques, and capabilities.
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------