Displaying items by tag: Russia

GUEST OPINION by Jen Ellis, Vice President, Community and Public Affairs, Rapid7: The Colonial Pipeline attack was significant in that it put cybercrime front and centre of the evening news and we saw US President Biden not only talking about the subject, but also raising it directly as a priority with Russia's President Putin. In the weeks that followed the attack, we saw the G7 talk about ransomware at their annual summit and make commitments to work together to tackle the issue.

Russian security firm Kaspersky is facing a fresh probe into its anti-virus software, which has been stepped up since the Russian invasion of Ukraine, a report claims.

A senior cyber security researcher at the Cybersecurity Centre for Security Studies run by ETH Zurich says while a Microsoft report on cyber operations during the Russia-Ukraine war offers some useful details it says little about the impact of these operations.

Security firm Mandiant says it has not mentioned any zero-day exploit usage by Western government agencies in a report about incidents in 2021 because it did not find any exploits which it could identify with reasonable confidence as coming from these sources.

Nokia has announced that it will be exiting the Russian market.

The American website ZDNet says numerous threat groups are linked to various countries and claims this is based on findings by the ICS security specialist firm Dragos.

American security company WatchGuard has been accused of withholding full details of a remotely exploitable vulnerability in its firewall devices until news broke that the flaw was being exploited by attackers from Russia's military to assemble a botnet, according to a report in the American website Ars Technica.

The chief executive of an American company that specialises in the security of industrial control systems is not exactly enthusiastic about governments forcing companies to report incidents that affect such systems, given that sharing of information from the government side is limited.

Finnish telecommunications equipment provider Nokia has termed as "misleading" claims made by The New York Times about the company's role in Russia's lawful intercept system.

Apple's output of the iPhone SE will drop by a fifth in the coming quarter, indicating that the Russia-Ukraine conflict and fears of inflation have affected demand for the device, a report claims.

Russian security products vendor Kaspersky has been added to the US Covered List which includes foreign companies that are considered to pose "an unacceptable risk to US national security".

Security researchers have been urged to send reports of any bugs they find directly to the companies affected after the bug bounty firm HackerOne cut off payments to Ukrainian researchers for a while after their country was invaded by Russia.

Steps to mitigate attacks against industrial control systems, outlined by three US Government entities — the Cybersecurity and Infrastructure Security Agency, the FBI and the Department of Energy — have come in for some sharp criticism from Robert M. Lee, the chief executive of Dragos, a company that specialises in security for such systems.

GUEST OPINION: The conflict between Russia and Ukraine is raging not only in the physical realm but also on the cyber front, where governments, hacktivist groups, and individuals are trying to play their part. Here we analyse some examples of the cyberattacks that have taken place as part of the current conflict and review their methods and impact.

Infosec professionals are often depicted as people who see things in ones and zeroes and generally stick to reality. But in truth, some of them are better spinmeisters than the famed PR guru Max Markson.

The maintainer of the node-ipc package, a node.js module for local and remote inter-process communication, added code to some of its nested dependencies, resulting in files on computers with Russian or Belarussian IPs being wiped, a security firm claims.

A warning by the German Federal Office of Information Security against the use of Kaspersky products had no technical advice or objective evidence to back it up, the chief executive of the Russian security firm says.

The automotive and communications sectors are the two most likely to be hit by business disruptions due to semiconductor shortages being compounded by the ongoing Russia-Ukraine conflict, the technology analyst firm Gartner says.

The German Federal Office for Information Security [German acronym BSI] has recommended that users replace anti-virus software made by Russian vendor Kaspersky with other products, a warning that the company has dismissed as being driven by political considerations.

The Australian National Press Club has shown that it is no longer part of the Fourth Estate, by imposing a blanket of censorship on the Russian Ambassador to Australia, Alexey Pavlovsky.