Metacurity

Share this post

Russian State-Backed Hackers Gained Access to NGO Cloud After Exploiting DUO MFA Protocols

metacurity.substack.com

Russian State-Backed Hackers Gained Access to NGO Cloud After Exploiting DUO MFA Protocols

Ukraine detained hacker for helping Russian troops route phone calls, Germany urges replacement of Kaspersky AV, Banks fear Russian SWIFT attacks, Technicians keep Ukraine's internet running, more

Cynthia Brumfield
Mar 16, 2022
∙ Paid
1
Share
Share this post

Russian State-Backed Hackers Gained Access to NGO Cloud After Exploiting DUO MFA Protocols

metacurity.substack.com

The FBI said Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default multifactor authentication (MFA) protocols.

In a joint advisory, the Bureau and the Cybersecurity and Infrastructure Security Agency (CISA) FBI and CISA urged all organizations to enforce MFA and review configuration policies to protect against "fail open" and re-enrollment scenarios, ensure inactive accounts are disabled uniformly across the Active Directory and MFA systems and patch all systems and prioritize patching for known exploited vulnerabilities. (Sergiu Gatlan / Bleeping Computer)

Related: Reddit - cybersecurity, InsideCyberSecurity.com, VentureBeat, Duo Security Bulletin, Cisco Blog, Cisco Blog, Duo Security Bulletin, Homeland Security Today, CISA

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing