In the name of the United States Home Security Agency NSA, cybersecurity infrastructure security agency CISA, and the Federal Bureau of Investigation, the FBI issued a warning against the US attack by the Russian Foreign Intelligence Agency SVR. SVR is exploiting five vulnerabilities, and the NSA is calling for a countermeasure.
Recent activities by SVR, attacks on the Orion Platform of SolarWinds, or hacking against the Corona 19 vaccine research institute using the malware WellMess, etc. are known. Likewise, it is said that it is using a technique to break through authentication by exploiting the vulnerability.
Specifically, the five vulnerabilities used to invade the victim’s device or network are as follows. Fortinet’s FortiOS SSL VPN function vulnerability CVE-2018-13379, Synacor Zimbra Collaboration Suite XML external entity vulnerability CVE-2019-9670, Pulse Secure Pulse Connect Secure) VPN vulnerability CVE-2019-11510, Citrix Application Delivery Controller and Citrix Gateway vulnerability CVE-2019-19781, and VMware command injection vulnerability CVE-2020-4006 .
The NSA says it needs to make SVR’s work difficult by revealing these vulnerabilities. In addition, the Biden regime made it clear that it would engage in sanctions against harmful activities abroad, including this case, and expelled 10 Russian diplomats who appeared to be involved in intelligence agencies and 6 Russian companies that supported cyber attacks. In the US presidential election, a presidential decree was issued that contained assets freeze for 32 corporations or individuals who participated in the spread of misinformation in the US presidential election, and eight corporations and individuals involved in the Crimean merger. Related information can be found here.