Russia State-Sponsored Hackers Used Misconfigured MFA to Breach NGO

Russian hackers exploited a misconfigured Cisco Duo multifactor authentication (MFA) account at a nongovernment organization. They created a rogue account and used it to exploit a known Windows Print Spooler vulnerability, aka PrintNightmare. The FBI and CISA recommend reviewing MFA policies to prevent such a re-enrollment action, and making sure all software is updated, patched, and not prone to known flaws. The actors gained the credentials via brute-force password guessing attack, allowing them access to a victim account.”]

Source: https://www.darkreading.com/application-security/russia-state-sponsored-hackers-used-misconfigured-mfa-to-breach-ngo

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Launching AnonLeaks, Ready To Dump More HBGary E-mails!

Selling technology to cops, part 2

RSA: Geolocation shows just how dead privacy is

Categories

Partners

Just add here your partners image or promo text