The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just put out a bulletin numbered AA22-074A, with the dramatic title Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and "PrintNightmare" Vulnerability.
To sidestep rumors based on the title alone (which some readers might interpret as an attack that is going on right now), and instead to reinforce the lessons that CISA hopes this incident can teach us, here's what you need to know.
Fortunately, the overall story is simply and quickly told.
The attack dates back to May 2021, and the victim was an non-government organisation, or NGO, un-named by CISA.
From Naked Security by Sophos
View Full Article