The U.S. Cybersecurity & Infrastructure Security Agency (CISA) on Thursday disclosed that an unnamed federal agency had been the victim of a cyberattack in which a hacker accessed its network.
The intruder implanted malware that avoided the agency's safeguards, and infiltrated the network by using valid access credentials for multiple users' Microsoft 365 and domain administrator accounts.
CISA said the hacker was able to browse directories, copy at least one file, and exfiltrate data.
The agency added that the hacker may have acquired the credentials by exploiting a known flaw in Pulse Secure virtual private network servers.
CISA learned of the attack through an intrusion detection system that monitors federal civilian agencies.
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found