Network Security Cyber Espionage News

"U.S. and U.K. Issue Warnings on Russian Hackers Targeting Infrastructure"

U.S. and U.K. intelligence agencies have warned of Russian hackers exploiting now-patched flaws in Cisco networking equipment to conduct reconnaissance and deploy malware against select targets. The activity has been attributed to APT28, which is affiliated with the Russian General Staff Main Intelligence Directorate (GRU). The threat actor weaponized the vulnerability to deploy a non-persistent malware dubbed Jaguar Tooth on Cisco routers that's capable of gathering device information and enabling unauthenticated backdoor access. The attacks are part of a broader campaign against aging networking appliances and software from a variety of vendors to "advance espionage objectives or pre-position for future destructive activity."