Total Tests:

Microsoft warns SolarWinds hacking group Nobelium is targeting its customers

By Duncan Riley for SiliconANGLE
Tuesday, June 29, 2021

In addition, Microsoft SRC detected information-stealing malware on a machine belonging to one of its customer support agents. The threat actor used the information in some cases to launch highly targeted attacks.

“The exposed hacking campaign brings compelling evidence that the overall cybersecurity hygiene is largely deficient,” Ilia Kolochenko, founder and chief executive of web security company ImmuniWeb, told SiliconANGLE. “For instance, password spraying and credential-stuffing attacks are preventable by enabling multifactor authentication, restricting access to the accounts from specific networks or at least countries, and can be easily spotted by anomaly detection systems.”

Phishing is another common phenomenon that can be mitigated by ongoing security awareness and training programs for employees, Kolochenko noted, adding that security training when combined with continuous monitoring, threat detection systems and sandboxing can reduce the risk to near zero even when an employee makes a mistake.

“Attacks on mobile devices and BYOD is another hot topic, but master data management systems can likewise artfully reduce the related cyber risks,” Kolochenko said. “Therefore, organizations need to invest in cybersecurity baselines and implement a consistent information security strategy. Otherwise, even technically unsophisticated attacks will continue their surge.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
Your data will stay private and confidential