FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug
FBI and CISA warn that Russian state-sponsored hackers are exploiting misconfigured multi-factor authentication (MFA) protocols and vulnerabilities in the Windows Print Spooler for cyberattacks.
“As early as May 2021, Russian state-sponsored cyber actors took advantage of a misconfigured account set to default [multi-factor authentication] protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network,” the agencies said.
To mitigate such attacks, both CISA and FBI are recommending organizations to enforce and review multi-factor authentication configuration policies, disable inactive accounts in Active Directory, and prioritize patching for known exploited flaws.
Read the full article here – https://thehackernews.com/2022/03/fbi-cisa-warn-of-russian-hackers.html