FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug

FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug

Comments Off on FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug

FBI and CISA warn that Russian state-sponsored hackers are exploiting misconfigured multi-factor authentication (MFA) protocols and vulnerabilities in the Windows Print Spooler for cyberattacks.

“As early as May 2021, Russian state-sponsored cyber actors took advantage of a misconfigured account set to default [multi-factor authentication] protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network,” the agencies said.

To mitigate such attacks, both CISA and FBI are recommending organizations to enforce and review multi-factor authentication configuration policies, disable inactive accounts in Active Directory, and prioritize patching for known exploited flaws.

Read the full article here – https://thehackernews.com/2022/03/fbi-cisa-warn-of-russian-hackers.html

Share this post

Author

Related Posts

28Apr

U.S Cybersecurity Agency Lists 2021’s Top 15 Most Exploited Software Vulnerabilities

According to the "Top Routinely Exploited Vulnerabilities" report released... read more

HIPAA Cybersecurity, Compliance Essentials, Organization checklist,
05Sep

The Importance of Cybersecurity in Healthcare

Cyberattacks are a particular worry for the healthcare industry... read more

28Jun

Cybersecurity Experts Warn of Emerging Threat of “Black Basta” Ransomware

Cybersecurity experts warn of emerging threat "Black Basta" ransomware.... read more

08Mar

Google to acquire cybersecurity firm Mandiant for $5.4 billion

Google is officially buying cybersecurity company Mandiant in an... read more

09Feb

Microsoft Disables Internet Macros in Office Apps by Default to Block Malware Attacks

Microsoft disables internet-based VBA macros by default in Office... read more

Christmas Holiday Season Cybersecurity Threat Overview
14Dec

Holiday Season Cybersecurity Threat Overview

During the holiday season, businesses of all sizes see... read more

22Mar

U.S. Government Warns Companies of Potential Russian Cyberattacks

The U.S. government has again warned of possible cyberattacks by Russia... read more

13Sep

Protect Healthcare Data With These Cybersecurity Tips

These healthcare cybersecurity best practises are intended to keep... read more

21Jan

Biden Signs Memo to Boost National Cybersecurity

President Biden has signed a National Security Memorandum requiring... read more

19Apr

FBI, U.S. Treasury and CISA Warn of North Korean Hackers Targeting Blockchain Companies

U.S. government has issued a new warning about North... read more