From 859a0408d6eccff9c658b5ab4bdf87ca7311601b Mon Sep 17 00:00:00 2001 From: DGOV-Bryce <114981924+DGOV-Bryce@users.noreply.github.com> Date: Fri, 6 Sep 2024 11:59:11 +0800 Subject: [PATCH] 20240906001 (#974) * 20240906001 * Format markdown docs --------- Co-authored-by: DGOV-Bryce --- .../20240906001-CISA-Joint-Advisory.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 docs/advisories/20240906001-CISA-Joint-Advisory.md diff --git a/docs/advisories/20240906001-CISA-Joint-Advisory.md b/docs/advisories/20240906001-CISA-Joint-Advisory.md new file mode 100644 index 00000000..ace6c923 --- /dev/null +++ b/docs/advisories/20240906001-CISA-Joint-Advisory.md @@ -0,0 +1,17 @@ +# CISA Releases New Joint Advisory - 20240906001 + +## Overview + +CISA, along with numerous partners (including the FBI, NSA, ASD's ACSC, and many other national security and intelligence agencies) have released a joint advisory on the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155). GRU Unit 29155 have been responsible for computer network operations against global targets and critical infrastructure for the purposes of espionage, sabotage, and reputational harm since at least 2020. + +## Recommendation + +The WA SOC recommends administrators review relevant advisories and apply the recommended actions to all affected devices. + +Russian Military Cyber Actors Target US and Global Critical Infrastructure: + +The key immediate recommended mitigations include: + +- Prioritising routine system updates and remediating known exploited vulnerabilities. +- Segmenting networks to prevent the spread of malicious activity. +- Enabling phishing-resistant multifactor authentication (MFA) for all externally facing account services, especially for webmail, virtual private networks (VPNs), and accounts that access critical systems.
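Review bot: In the Recommendation section, the line "Russian Military Cyber Actors Target US and Global Critical Infrastructure:" ends in a colon with nothing after it, so administrators told to "review relevant advisories" have no reference to follow. Put the link to the joint advisory on that line, for example as a markdown link on the title. In the same section, "apply the recommended actions to all affected devices" does not match the rest of the file, which names no affected products or vulnerabilities and lists only general mitigations. Either list what is affected or reword to something like "all relevant systems". In the Overview, "CISA, along with numerous partners (...) have released" should read "has released", since the subject is CISA.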