Communications of the ACM
CISA Warning: Russian Actors Bypassed 2FA
CISA did not provide any information about how much data was accessed, how long the attackers stayed inside the network, or what, if anything, was exfiltrated.
Cfredit: nakedsecurity.sophos.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just put out a bulletin numbered AA22-074A, with the dramatic title Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and "PrintNightmare" Vulnerability.
To sidestep rumors based on the title alone (which some readers might interpret as an attack that is going on right now), and instead to reinforce the lessons that CISA hopes this incident can teach us, here's what you need to know.
Fortunately, the overall story is simply and quickly told.
The attack dates back to May 2021, and the victim was an non-government organisation, or NGO, un-named by CISA.
From Naked Security by Sophos
View Full Article
No entries found