Russian hackers have adopted new cyber tactics, techniques and procedures for attacking targets in the U.S. and elsewhere after their earlier methods were exposed, several government agencies said Thursday.
Security agencies in the U.S. and United Kingdom issued a joint advisory warning about recent activity they have attributed to hackers acting on behalf of the Russian Foreign Intelligence Service, or SVR.
Known also by names including APT29 and Cozy Bears, the hackers recently began leveraging a vulnerability affecting Microsoft Exchange Server that became publicly known in March, the advisory said.
Additionally, the unclassified, 14-page advisory said the hackers were recently spotted using an open-source, command-and-control framework called Silver after gaining initial access to victim network.
The advisory was issued jointly by the FBI, U.S. National Security Agency (NSA), U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the U.K. National Cyber Security Centre (NCSC).