Today, CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization to provide network defenders with the tactics, techniques, and procedures (TTPs) utilized by a threat actor and methods to protect against similar exploitation.
Following an incident response assessment of a state government organization’s network environment, analysis confirmed compromise through network administrator credentials of a former employee. This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point.
CISA and MS-ISAC encourage network defenders and organizations review the TTPs and implement the mitigations provided in the joint CSA. For more information, visit CISA’s Cross-Sector Cybersecurity Performance Goals.
Systems Affected Any system running Microsoft Windows (Windows 95 and newer) that are used…
Systems Affected Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…
Systems Affected Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…
Systems Affected Systems running Microsoft Windows Overview Microsoft Windows contains multiple vulnerabilities,…
Systems Affected Systems running Microsoft Office XP and Outlook 2002 Overview There…
Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview …
This website uses cookies.