Sign In

Communications of the ACM

ACM News

CISA Warning: Russian Actors Bypassed 2FA

View as: Print Mobile App Share:

CISA did not provide any information about how much data was accessed, how long the attackers stayed inside the network, or what, if anything, was exfiltrated.


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just put out a bulletin numbered AA22-074A, with the dramatic title Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and "PrintNightmare" Vulnerability.

To sidestep rumors based on the title alone (which some readers might interpret as an attack that is going on right now), and instead to reinforce the lessons that CISA hopes this incident can teach us, here's what you need to know.

Fortunately, the overall story is simply and quickly told.

The attack dates back to May 2021, and the victim was an non-government organisation, or NGO, un-named by CISA.

From Naked Security by Sophos
View Full Article



No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account