Friday, July 10, 2026
spot_img
HomeInnovationRussian foreign intelligence service exploiting five vulnerabilities to US and allied networks

Russian foreign intelligence service exploiting five vulnerabilities to US and allied networks

NEW YORK, USA – The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks,” Thursday to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities.

This advisory is being released alongside the US government’s formal attribution of the SolarWinds supply chain compromise and related cyber-espionage campaign. We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them.

Mitigation against these vulnerabilities is critically important as US and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors. In addition to compromising the SolarWinds Orion software supply chain, recent SVR activities include targeting COVID-19 research facilities via WellMess malware and targeting networks through the VMware vulnerability disclosed by NSA. This was highlighted in NSA’s Cybersecurity Advisory, “Russian State-Sponsored Actors Exploiting Vulnerability in Workspace ONE Access Using Compromised Credentials.”

NSA, CISA, and FBI strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations. NSA, CISA, and FBI also recognize all partners in the private and public sectors for comprehensive and collaborative efforts to respond to recent Russian activity in cyberspace.

NSA encourages its customers to mitigate against the following publicly known vulnerabilities:

  • CVE-2018-13379 Fortinet FortiGate VPN
  • CVE-2019-9670 Synacor Zimbra Collaboration Suite
  • CVE-2019-11510 Pulse Secure Pulse Connect Secure VPN
  • CVE-2019-19781 Citrix Application Delivery Controller and Gateway
  • CVE-2020-4006 VMware Workspace ONE Access
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Caribbean News

ECCB unveils new EC banknotes featuring national heroes and regional icons

BASSETERRE, ST Kitts — The Eastern Caribbean (EC) banknotes have been redesigned to honour the people, heritage and achievements of the eight member countries of the Eastern Caribbean Currency Union (ECCU). Governor of the Eastern Caribbean Central Bank (ECCB), Timothy N.J. Antoine, has unveiled the new designs, marking a historic milestone in the evolution of EC currency. For the first time, the banknotes will no longer feature the likeness of the late Queen...

Global News

Taiwan strongly opposes China’s ethnic unity and progress promotion law

MOFA urges international community to jointly counter authoritarian expansionism TAIPEI, Taiwan - The Ministry of Foreign Affairs (MOFA) expresses strong condemnation and solemn opposition...
Social Media Auto Publish Powered By : XYZScripts.com