  • Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

CISA says hackers breached federal agency using GeoServer exploit

erek

erek

[H]F Junkie
2FA
Joined
Dec 19, 2005
Messages
13,513
"After the attackers' malicious activity triggered additional EDR alerts, the SOC team isolated the server and launched an investigation with CISA's assistance.

CISA is now urging network defenders to expedite patching critical vulnerabilities (especially those added to its Known Exploited Vulnerabilities catalog), ensure security operations centers continuously monitor EDR alerts for suspicious network activity, and strengthen their incident response plans.

In July, the U.S. cybersecurity agency issued another advisory following a proactive hunt engagement at a U.S. critical infrastructure organization.

While it didn't find evidence of malicious activity on its network, it discovered many cybersecurity risks, including but not limited to insecurely stored credentials, shared local admin credentials across multiple workstations, unrestricted remote access for local administrator accounts, insufficient logging, and network segmentation configuration issues."

Source: https://www.bleepingcomputer.com/ne...ached-federal-agency-using-geoserver-exploit/
 
You must log in or register to reply here.
Back
Top