Russian State-Backed Hackers Gained Access to NGO Cloud After Exploiting DUO MFA Protocols
metacurity.substack.com
Russian State-Backed Hackers Gained Access to NGO Cloud After Exploiting DUO MFA Protocols
Ukraine detained hacker for helping Russian troops route phone calls, Germany urges replacement of Kaspersky AV, Banks fear Russian SWIFT attacks, Technicians keep Ukraine's internet running, more
Share
Russian State-Backed Hackers Gained Access to NGO Cloud After Exploiting DUO MFA Protocols
metacurity.substack.com
The FBI said Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default multifactor authentication (MFA) protocols.
In a joint advisory, the Bureau and the Cybersecurity and Infrastructure Security Agency (CISA) FBI and CISA urged all organizations to enforce MFA and review configuration policies to protect against "fail open" and re-enrollment scenarios, ensure inactive accounts are disabled uniformly across the Active Directory and MFA systems and patch all systems and prioritize patching for known exploited vulnerabilities. (Sergiu Gatlan / Bleeping Computer)
Related: Reddit - cybersecurity, InsideCyberSecurity.com, VentureBeat, Duo Security Bulletin, Cisco Blog, Cisco Blog, Duo Security Bulletin, Homeland Security Today, CISA
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.