CISA issues warning that Russian hackers are bypassing two-factor authentication | #android | #security


2fa is great, but not perfect

computer-users-unsplash

Two-factor authentication (2FA) can be an important component of the steps you take to keep your accounts and data secure, but it’s not without its flaws. As if the existing threats weren’t concerning enough, now we’re learning about how Russian state-sponsored hackers are undermining authentication in supposedly secure systems and disguising their access as that of legit account holders.

As early as May 2021, hackers exploited accounts linked to an unnamed non-governmental organization (NGO) and were able to access sensitive data, according to a new report from the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA). Weak password choices and a long-dormant account didn’t help the victims here — the attackers were able to get inside the old account, activate it, and enroll it in 2FA. Once the system viewed the hacked account as legit, the cyberattackers could run rampant — and they did, using a major Windows Print Spooler vulnerability, “PrintNightmare.”

ANDROIDPOLICE VIDEO OF THE DAY

PrintNightmare surfaced last summer, and is a pretty serious vulnerability that exposes Windows systems to arbitrary code execution. Once compromised, an attacker can do basically whatever they want, with full system-level permissions. While the incident we’re looking at today didn’t reveal any new vulnerability in 2FA, it does make clear that system hygiene is everything. Whether you’re setting up accounts on a new Galaxy S22 or you’re an admin running an NGO’s entire network, good password practices and killing old, unused accounts are two especially vital steps toward keeping systems secure.

As the BBC reported in February, almost three-quarters of ransomware money ends up in the coffers of hackers linked to Russia alone. If there’s a way to compromise a system for profit or knowledge, chances are good someone — whether solo or state-sponsored — is already working on a way to sneak in (assuming they haven’t found it yet). We’ll just have to keep being vigilant and stay on top of device updates.

android-12l-pixel-6-pro
Google fixes contactless payments bug affecting Pixel users

It was a sneaky issue that didn’t show up immediately

Read Next


About The Author



Original Source link

Leave a Reply

Your email address will not be published.

+ twelve = twenty