Russians Exploiting Default MFA Protocols and “PrintNightmare” Vulnerability
Other | 03/15/2022The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitation of default MFA protocols and a known vulnerability. As early as May 2021, Russian state-sponsored cyber actors took advantage of a misconfigured account set to default MFA protocols at a non-governmental organization (NGO), allowing them to enroll a new device for MFA and access the victim network.
To read more, please log in
This site is operated by NetDiligence®. Links found within this site may open a new browser window and take you outside the eRiskHub to another website, the contents of which are maintained by third parties over whom NetDiligence has no control. We provide links to these external sites for your convenience and awareness. We accept no responsibility for the content of linked sites. Upon request of the content source, we will remove links.
© =date('Y');?> NetDiligence®, A Company of Network Standard Corporation