Rewterz Threat Advisory – CVE-2022-26850 – Apache NiFi Vulnerability
April 7, 2022
Rewterz Threat Advisory – Multiple Cisco Vulnerabilities
April 7, 2022
Severity
Medium
Analysis Summary
The Anonymous collective has leaked the names, ranks, and other personal information of Russian military officers stationed at Bucha. It has also leaked 900,000 emails from the All-Russia State Television and Radio Broadcasting Company (VGTRK).
“Over 20 years, 900,000 emails and 4,000 files from VGTRK / ВГТРК (All-Russia State Television and Radio Broadcasting Company / Всероссийская государственная телевизионная и радиовещательная компания), a Russian state-owned broadcaster which operates five national TV stations, two international networks, five radio stations, and over 80 regional TV and radio networks. The Russian government has declared VGTRK essential for the ‘security of the state.’” reads the description of the leak.
The group also claims to have hacked the Russian Orthodox Church’s charitable wing and has leaked 15G of the breached data. The collective stated that, due to the nature of the data, it is being offered to researchers and journalists.
Businesses owned by Russian oligarchs (Marathon Group) have also been targeted by Anonymous, which has leaked a 52Gb archive of the emails.
Impact
- Cyber Espionage
- Cyber Warfare
Remediation
- Antivirus – Enable antivirus and anti-malware software and update signature definitions in a timely manner.
- 2FA – Enable two-factor authentication.
- Patch – Patch and upgrade all platforms and software in a timely manner. Prioritize patching known exploited vulnerabilities.
- WAF – Set up a Web Application Firewall with rules to block suspicious and malicious requests.
- Admin Access – Limit access to administrative accounts and portals to only relevant personnel and make sure they are not publicly accessible.
- Passwords – Implement strong passwords.
- Logging – Log your eCommerce environment’s network activity and web server activity.