Skip to main content

Microsoft is warning that a Russian group that was involved with the 2016 DNC hack is attacking corporate networks in a fresh attack against high-value targets.

In a blog post (via ZDNet), the Microsoft Threat Intelligence Center says the Russian hacking group known as Strontium (perhaps more widely known as Fancy Bear) is responsible for the new attack, which occurred in April.

According to Microsoft, the attack went after "a VOIP phone, an office printer, and a video decoder," exploiting some pretty poor security measures that we're all likely guilty of to gain access: unchanged default passwords. 

The investigation uncovered that an actor had used these devices to gain initial access to corporate networks. In two of the cases, the passwords for the devices were deployed without changing the default manufacturer’s passwords and in the third instance the latest security update had not been applied to the device.

Once inside the network, the hackers were able to scan for other insecure devices, which allowed them to look for more valuable targets within the network and thereby access valuable data. Microsoft says the company stopped this particular attack in its early stages and, thus aren't exactly sure what the group was targeting.  read the rest here

If you like something I've posted please feel free to click the "like" button!

Original Post

Add Reply

Post
×
×
×
×
Link copied to your clipboard.
×
×