|
The Technical Zone... The Geeky forum... Use this forum to discuss technical aspects of email, from authentication protocols to encryption. |
|
Thread Tools |
17 Mar 2022, 01:26 PM | #1 |
Essential Contributor
Join Date: Aug 2009
Location: Canada
Posts: 296
|
CISA warning: “Russian actors bypassed 2FA” – what happened and how to avoid it
This is not of concern to most users, just Windows Server I think. Expect more like these, this was May 2021.
The US Cybersecurity and Infrastructure Security Agency (CISA) has just put out a bulletin numbered AA22-074A, with the dramatic title Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability. |
27 Mar 2022, 10:35 PM | #2 |
Cornerstone of the Community
Join Date: Jul 2011
Posts: 713
|
Thanks for the heads up on this -- please keep posting things like this, still very relevant considering the current situation with Russia/Ukraine, etc...
|
27 Mar 2022, 10:46 PM | #3 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,742
|
So often these hacks start with a stolen password or in some cases the password is guessed or brute forced due to a poor password. Individuals can avoid almost all hacks if they just do a few simple things:
|
27 Mar 2022, 11:57 PM | #4 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
|
28 Mar 2022, 12:04 AM | #5 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,742
|
Yes, I would agree that it is usually safe to click on a message in an email to sign in if you were just signing in to something. However, avoid clicking on links in emails that were unsolicited even if they appear completely genuine. For example, I receive a reminder to pay my credit card bill, but I don't click the link in the email--instead I go direct to the site and login to pay.
|
28 Mar 2022, 12:20 AM | #6 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
In my case the message from the bank is "your credit card statement is ready. Login to our internet banking and see it there" (mind you, there is no link to the banking site).
|
28 Mar 2022, 12:23 AM | #7 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,742
|
In most cases, my bank and credit card notices include links to click on--I don't do it. My bank statement notice arrived this morning and included a link to go see it.
|