In Their Words – A roadmap for targeting RU Systems
10/2023
Department of the Federal Service for
Heads of organizations
Federal District
Merah
0 security of the Federation’s infrastructure to improve the Russian information.
An analysis of information about threats to information security, carried out by specialists from the FSTEC of Russia in the current situation, shows that foreign hacker groups are exploiting software vulnerabilities when carrying out computer attacks on the information infrastructure of the Russian Federation. actively
In order to prevent the implementation of threats to information security associated with the exploitation of vulnerabilities, we ask you to ensure the immediate implementation of organizational and technical measures, the decision on the need to implement which was made by the FSTEC of Russia (a list of vulnerabilities and measures taken to eliminate them is attached).
Lists of vulnerabilities and measures taken to eliminate them must be filled out, signed by the head of the organization, and organized for recording and storage in the organization’s records management.
Lists of vulnerabilities and measures taken to eliminate them must be submitted to specialists of the Office of the Federal Service for Technical and Export Control of Russia in the Central Federal District when assessing the implementation of measures to improve the security of the information infrastructure.
Appendix: List of vulnerabilities and measures taken to eliminate them
List of threats
Supervisor
MANAGEMENT OF FSTECROSSinzo
THE DOCUMENT IS SIGNED WITH AN ELECTRONIC Signature
O. Raikov
Subparagraph “e” of paragraph 1 of Decree of the President of the Russian Federation of May 1, 2022 No. 250 “On additional measures to ensure information security of the Russian Federation”
Russian RSS Feeds to track their internal threats and vulnerabilities:
Using the RSS and Atom channels listed below, you can receive information about the latest vulnerabilities and threats added to the database.
RSS feeds:
Latest vulnerability updates: RSS 2.0 , RSS 1.0
20 most dangerous vulnerabilities in the last 7 days: RSS 2.0 , RSS 1.0
Latest 20 vulnerabilities used in computer attacks: RSS 2.0 , RSS 1.0
Latest threat updates: RSS 2.0 , RSS 1.0
RSS (Really Simple Syndication) is an international format specially created for broadcasting information from one site to another or to the user’s computer.
Atom channels:
Latest vulnerability updates: Atom 1.0
20 most dangerous vulnerabilities in the last 7 days: Atom 1.0
Latest 20 vulnerabilities used in computer attacks: Atom 1.0
Latest threat updates: Atom 1.0
ATOM is a syndication format that allows you to describe sets of web resources (news feeds, article announcements, etc.). It solves the same problems as RSS, but arose later and takes into account many of the shortcomings of RSS.
Threats:222 Vulnerabilities:50586 Last update:10/04/2023
You must be logged in to post a comment.