CISA Reports Federal Agencies Hacked Using Legitimate Remote Desktop Tools

The Cybersecurity and Infrastructure Security Agency (CISA), the agency in charge of overseeing the security of the United States government’s networks and critical infrastructure, has issued an alert warning federal agencies to beware of hackers who exploit legitimate remote desktop protocols and access tools to gain unauthorized access to their networks. According to CISA, it has been analyzing suspicious activity on federal networks and has identified several reports of malicious use of valid administrative tools like Remote Desktop Protocol (RDP), Windows Remote Desktop Services, or other remote access tools being exploited to gain unauthorized access. CISA warns that hackers are using various strategies to gain access, such as phishing emails, malicious executable files, and other methods. A successful breach can easily have disastrous consequences, as malicious actors may be able to steal sensitive data, disrupt operations, or use the compromised network as a structure to launch further attacks. To counter any breaches of security, CISA has put together a list of best practices to secure networks, such as patching systems, enabling multi-factor authentication, implementing user access control, scanning for malicious activities and indicators of compromise, and more. Moreover, CISA has joined forces with the EU Agency for Cybersecurity (CERT-EU) and other security organizations to share information and intelligence about cyber threats, in order to provide better defense to federal agencies and help them protect critical data from cyber criminals, malware, viruses, and other malicious activity. CISA reminds federal agencies that cyber threats can come from anywhere and have serious implications, so it is important to take active measures to protect the organization’s networks and systems. The agency also stresses the importance of regularly monitoring the network for indicators of compromise and responding to any suspicious activity in a timely manner.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 25 Jan 2023 21:19:03 +0000


Cyber News related to CISA Reports Federal Agencies Hacked Using Legitimate Remote Desktop Tools

Accelerating Safe and Secure AI Adoption with ATO for AI: stackArmor Comments on OMB AI Memo - We appreciate the opportunity to comment on the proposed Memo on Agency Use of Artificial Intelligence. Ensuring agencies have access to adequate IT infrastructure,. We base our remarks on our experience helping US Federal agencies transform their ...
9 months ago Securityboulevard.com
CISA Reports Federal Agencies Hacked Using Legitimate Remote Desktop Tools - The Cybersecurity and Infrastructure Security Agency (CISA), the agency in charge of overseeing the security of the United States government’s networks and critical infrastructure, has issued an alert warning federal agencies to beware of hackers ...
1 year ago Bleepingcomputer.com
Security Alert! CISA Reports Refund Scam Targeting Federal Agencies Through Remote Management Software - The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert to federal agencies about a refund scam targeting them through remote management software. According to the alert, hackers have been using the remote software to ...
1 year ago Therecord.media
Majority of Gao's Cybersecurity Recommendations Not Implemented by Federal Agencies - The Government Accountability Office has recently reported that federal agencies have been slow to implement a majority of the recommendations it made for improving the cybersecurity of federal agencies. Despite the implementation progress at some ...
1 year ago Securityweek.com
CISA Seeks Public Comment on Newly Developed Secure Configuration Baselines for Google Workspace - As federal civilian agencies continue to modernize IT enterprises, increased reliance on cloud services, platform services, and external providers has introduced new types of risks. Recent threat activity from groups such as Storm-0558 have ...
9 months ago Cisa.gov
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
4 months ago Securityaffairs.com
CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
1 week ago Therecord.media
How Cloud Solutions Can Lead to Stronger, More Secure IT Operations - Cloud services, which offer tools such as networks, servers, and data storage, can help federal agencies deliver better IT services while minimizing costs. Without adequate security measures, these services can expose agencies to cyberattacks. The ...
6 months ago Cyberdefensemagazine.com
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat - WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency publicly issued Emergency Directive 24-02 in response to a recent campaign by Russian state-sponsored cyber actor Midnight Blizzard targeting Microsoft corporate email accounts ...
5 months ago Cisa.gov
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
6 months ago Securityweek.com
Best Strategies for Avoiding Security Breaches in the U.S. Federal Agencies - U.S. federal agencies are an appealing target for malicious actors and hackers, so it is important for them to be equipped with the best tactics to prevent security breaches and data losses. In this article, we will cover how hackers use legitimate ...
1 year ago Heimdalsecurity.com
The Virtual Desktop Revolution: Redefining Work an - A virtual desktop, also referred to as a virtual desktop infrastructure, is a virtualized computing environment that enables users to remotely access and control their desktops from any device with an internet connection. A user who logs in is given ...
9 months ago Feeds.dzone.com
CISA: Thousands of bugs remediated in second year of vulnerability disclosure program - With 11 new agency programs onboarding in 2023, the VDP Platform drew heightened researcher attention and engagement, which facilitated a marked increase in the volume of vulnerability submissions received, valid vulnerabilities identified and ...
1 week ago Therecord.media
US Federal Agencies Miss Deadline for Incident Response Requirements - Although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to meet the deadline to implement incident response capabilities required by law, according to the US Government Accountability ...
10 months ago Infosecurity-magazine.com
CISA Issues Emergency Directive Requiring Federal Agencies to Mitigate Ivanti Connect Secure and Policy Secure Vulnerabilities - WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency issued Emergency Directive 24-01 in response to observed widespread and active exploitation of vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure appliances by ...
8 months ago Cisa.gov
GAO: Federal Agencies Yet to Fully Implement Incident Response Capabilities - US federal agencies have made progress in implementing mature incident response plans, but many are still steps away from fully achieving this goal, a new report from the Government Accountability Office shows. According to GAO's report, out of 23 ...
10 months ago Securityweek.com
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
5 months ago Securityboulevard.com
8 Tips on Leveraging AI Tools Without Compromising Security - Forecasts like the Nielsen Norman Group estimating that AI tools may improve an employee's productivity by 66% have companies everywhere wanting to leverage these tools immediately. How can companies employ these powerful AI/ML tools without ...
10 months ago Darkreading.com
CISA warns of actively exploited Juniper pre-auth RCE exploit chain - CISA warned federal agencies today to secure Juniper devices on their networks by Friday against four vulnerabilities now used in remote code execution attacks as part of a pre-auth exploit chain. The alert comes one week after Juniper updated its ...
10 months ago Bleepingcomputer.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
4 months ago Cisa.gov
CISA orders federal agencies to patch Looney Tunables Linux bug - Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions. Dubbed 'Looney Tunables' by Qualys' Threat Research Unit and ...
10 months ago Bleepingcomputer.com
Enabling Threat-Informed Cybersecurity: Evolving CISA's Approach to Cyber Threat Information Sharing - One of CISA's most important and enduring roles is providing timely and actionable cybersecurity information to our partners across the country. Nearly a decade ago, CISA stood up our Automated Indicator Sharing, or AIS, program to widely exchange ...
9 months ago Cisa.gov
The US Needs To Follow Germany's Attack-Detection Mandate - To effectively combat these threats, the US needs to adopt a comprehensive and proactive approach to cybersecurity, similar to the one taken by Germany with its IT-SiG 2.0 mandate. The IT-SiG Approach Compared With the US's Current Capabilities One ...
10 months ago Darkreading.com
How Government Agencies Can Leverage Grants to Shore Up Cybersecurity - COMMENTARY. Since the pandemic forced unprecedented adoption of remote access and delivery of government services, telehealth, and education, cybersecurity has rapidly shot to the top of priority lists for IT leaders. What was once a shiny object ...
5 months ago Darkreading.com
US Agencies Failing to Oversee Ransomware Protections - The White House's goal of bolstering the cyber resilience of critical infrastructure is being threatened by US federal agencies' lack of oversight of ransomware protections, according to a new Government Accountability Office report. The GAO noted ...
8 months ago Infosecurity-magazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)