Russian State-Backed Hackers Gained Access to NGO Cloud After Exploiting DUO MFA Protocols
Ukraine detained hacker for helping Russian troops route phone calls, Germany urges replacement of Kaspersky AV, Banks fear Russian SWIFT attacks, Technicians keep Ukraine's internet running, more
The FBI said Russian state-backed hackers gained access to a non-governmental organization (NGO) cloud after enrolling their own device in the organization's Duo MFA following the exploitation of misconfigured default multifactor authentication (MFA) protocols.
In a joint advisory, the Bureau and the Cybersecurity and Infrastructure Security Agency (CISA) FBI and CISA urged all organizations to enforce MFA and review configuration policies to protect against "fail open" and re-enrollment scenarios, ensure inactive accounts are disabled uniformly across the Active Directory and MFA systems and patch all systems and prioritize patching for known exploited vulnerabilities. (Sergiu Gatlan / Bleeping Computer)