This article is contributed. See the original author and article here.
CISA has joined with the United Kingdom’s National Cyber Security Centre (NCSC), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA), in releasing a Joint Cybersecurity Advisory on Russian Foreign Intelligence Service (SVR) tactics, techniques, and procedures. Further TTPs associated with SVR cyber actors provides additional details on SVR activity including exploitation activity following their initial compromise of SolarWinds Orion software supply chain.
CISA has also released Fact Sheet: Russian SVR Activities Related to SolarWinds Compromise that provides summaries of three key joint publications that focus on SVR activities related to the SolarWinds Orion supply chain compromise.
CISA strongly encourages users and administrators to review the joint advisory as well as the other two advisories summarized on thefact sheetfor mitigation strategies to aid organizations in securing their networks against Russian SVR activity.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.