• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

CISA: Fix MFA and Patch Promptly to Stop Russian Attackers

You are here: Home / General Cyber Security News / CISA: Fix MFA and Patch Promptly to Stop Russian Attackers
March 16, 2022

The US authorities have issued a new inform warning of Russian point out-backed malicious activity involving exploiting a well-known bug in Windows Print Spooler learned previous calendar year.

The US Cybersecurity and Infrastructure Security Company (CISA) explained that Russian actors experienced been spotted exploiting the PrintNightmare bug (CVE-2021-34527) back in Could 2021, targeting an unnamed NGO.

This was section of an attack chain that commenced when they exploited a misconfigured account established to default multi-factor authentication (MFA) protocols, allowing for them to enroll a new system for MFA and accessibility the victim’s network.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


PrintNightmare then enabled the attackers to operate arbitrary code with program privileges and subsequently access cloud and email accounts for doc exfiltration.

The warn lists multiple mitigations that CISA urges all corporations to utilize, such as imposing MFA and reviewing configuration policies to guard versus “fail open” and re-enrollment eventualities.

It also asks organizations to make sure inactive accounts are disabled throughout Energetic Listing and MFA devices and that patches are prioritized for recognised exploited vulnerabilities.

“At CISA, we are excellent believers in MFA. It continues to be one particular of the most successful measures persons and corporations can consider to decrease their risk to destructive cyber exercise. This advisory demonstrates the crucial that corporations configure MFA thoroughly to maximize effectiveness,” stated CISA director Jen Easterly.

“Now, a lot more than at any time, companies ought to put their shields up to safeguard in opposition to cyber-intrusions, which usually means implementing the mitigations in this advisory including implementing MFA for all buyers without exception, patching regarded exploited vulnerabilities, and ensuring MFA is executed securely.”

The PrintNightmare zero-day was initial discovered unintentionally by Chinese researchers in July 2021. It is a distant code execution vulnerability that exists when the Windows Print Spooler assistance improperly performs privileged file operations, enabling attackers to operate arbitrary with procedure privileges.


Some pieces of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «axonius expands uk & emea partner programme Axonius expands UK & EMEA partner programme
Next Post: Germany advises against using Kaspersky software due to hacking risk germany advises against using kaspersky software due to hacking risk»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • WhatsApp Unveils Proxy Support to Tackle Internet Censorship
  • Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
  • Blind Eagle Hacking Group Targets South America With New Tools
  • US Family Planning Non-Profit MFHS Confirms Ransomware Attack
  • Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
  • Dridex Malware Now Attacking macOS Systems with Novel Infection Method
  • Cyber attacks on UK organisations surged 77% in 2022, new research finds
  • WhatsApp to combat internet blackouts with proxy server support
  • The IT Pro Podcast: Going passwordless
  • Podcast transcript: Going passwordless

Copyright © TheCyberSecurity.News, All Rights Reserved.