How many of these are present in your organization?
1. No cybersecurity training for employees
The following is from Jim Edman, CISA Cybersecurity Advisor for South Dakota
From the desk of long-time listener, first-time submitter Andrew J. Ogan, a call recorded with a group of scammers in India. The investigator does a great job of identifying and frustrating the scammers over the phone. It’s a 14-minute video but he does a good job of explaining each step along the way on his call. The initial scam is in regard to an expired Norton anti-virus subscription, with the ultimate goal of the scammers being to empty his bank account. Unfortunately, far too many Americans fall for these types of scams. https://youtu.be/j0c_I7MWB1U
The following tip was provided by our friend, Jim Edman, CISA Cybersecurity Advisor for South Dakota.
We spend a majority of time talking about the software and hardware vulnerabilities and related aspects of cybersecurity. It’s important that we remember the physical aspects also. Though we are a small state and considered by some to be somewhat geographically isolated, a critical aspect of cybersecurity continues to be the physical aspects. Reports surfaced this week of Russian nationals attempting to gain access to critical infrastructure facilities across the country. Recommendations for in-person and voice I/T support include:
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint cybersecurity advisory on Tuesday with technical details, mitigations, and resources regarding previously demonstrated ability of Russian state-sponsored cyber actors to gain network access through exploitation of default multifactor authentication (MFA) protocols and a known vulnerability in Windows Print Spooler, “PrintNightmare.”
As early as May 2021, the Russian state-sponsored cyber actors took advantage of a misconfigured account set to default MFA protocols at a non-governmental organization, allowing them to enroll a new device for MFA and access the victim’s network. The actors then exploited a critical vulnerability “PrintNightmare” (CVE-2021-34527) to run arbitrary code with system privileges, and then were able to access cloud and email accounts for document exfiltration.