
Writing about…? Russian APT29 Actors Using Government Websites To Deliver Malicious Code

September 2024 by Adam Maruyama, Field CTO at Garrison Technology

Adam Maruyama, Field CTO at Garrison Technology (and former intelligence officer), shares the following commentary on Russian APT29 actors using compromised government websites to deliver malicious code created by spyware vendors:

“What’s interesting about the latest threat research is the combination of commercial surveillance grade vulnerabilities with advanced delivery techniques – the compromise of legitimate websites to create ‘watering holes’ – to deliver the attack code. The use of watering hole attacks circumvents traditional web security controls like URL categorization filters because the owner of the site and the human-readable content hosted there are legitimate, leaving only a few layers of protection between the end user’s device and the malicious web code. This threat becomes even more acute on mobile devices, where few users have endpoint protection products to stop even known exploits, leaving unpatched devices vulnerable. Organizations should be making sure they deploy high-assurance, defense-grade cybersecurity technologies like hardware-enforced browser isolation which can dramatically reduce the risk of such attacks by pushing code execution off of the end user device and into a sandboxed environment. Putting the code execution in a sandbox ensures that the user has access to the information presented on the page – which may be critical for topics like government-to-government partnerships – but is not exposed to malicious code presented when a less-secure government’s websites are turned into watering holes.”

