Cisco Hacked by UNC2447, Lapsus$ and Yanluowang.
Posted by: Corporal Punishment on 08/11/2022 02:40 PM
Using a combination of attacks, Cisco's network was compromised by a group that they believe has ties to UNC2447, Lapsus$ and Yanluowang.
“During the investigation, it was determined that a Cisco employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the victim’s browser were being synchronized.
The attacker conducted a series of sophisticated voice phishing attacks under the guise of various trusted organizations attempting to convince the victim to accept multi-factor authentication (MFA) push notifications initiated by the attacker. The attacker ultimately succeeded in achieving an MFA push acceptance, granting them access to VPN in the context of the targeted user.”
Whoever that employee is, I hope they have learned to stop clicking links. You can't get an antivirus app for social engineering.
According to the post, they were able to mitigate the damage prior to a full-blown ransomware attack, and they do not believe any critical data was exposed.
The post at Talos goes on to explain how it happened, what attempts were made and code used to gain access, and that Cisco has created Clam antivirus definitions for the security community to use, which was rather nice of them.
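The quoted write-up describes a burst of attacker-initiated MFA pushes that ends with one acceptance. Here is one way a defender could surface that pattern in authentication logs; this is example code added to this post, not Cisco's or Talos's, and the log format, field names and thresholds are assumptions.

```python
"""Flag MFA push-fatigue patterns: several pushes the user did not approve,
followed by an approval inside the same short window.
Example code added to this post, not from the Talos write-up; the log
format and the thresholds are assumptions."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (assumed format: ISO time, user, outcome).
SAMPLE_LOG = """\
2022-05-24T09:01:10Z alice push_denied
2022-05-24T09:01:40Z alice push_timeout
2022-05-24T09:02:15Z alice push_denied
2022-05-24T09:03:05Z alice push_denied
2022-05-24T09:04:30Z alice push_accepted
2022-05-24T09:10:00Z bob push_accepted
2022-05-24T11:00:00Z carol push_denied
2022-05-24T13:30:00Z carol push_accepted
"""


def parse(log_text):
    """Group (timestamp, outcome) events per user."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        ts, user, outcome = line.split()
        events[user].append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), outcome))
    return events


def find_push_fatigue(log_text, min_unapproved=3, window=timedelta(minutes=10)):
    """Return {user: (unapproved_count, accept_time)} for every user whose
    accepted push was preceded by >= min_unapproved unapproved pushes
    (denied or timed out) within `window`."""
    hits = {}
    for user, evs in parse(log_text).items():
        evs.sort()  # oldest first, so evs[:i] is everything before event i
        for i, (ts, outcome) in enumerate(evs):
            if outcome != "push_accepted":
                continue
            prior = [o for t, o in evs[:i]
                     if ts - t <= window and o != "push_accepted"]
            if len(prior) >= min_unapproved:
                hits[user] = (len(prior), ts.isoformat())
    return hits


if __name__ == "__main__":
    # alice is flagged (4 unapproved pushes, then accept); bob and carol are not.
    print(find_push_fatigue(SAMPLE_LOG))
```

A single denial hours before an acceptance (carol) stays below the threshold, while a tight burst ending in an accept (alice) is what to review.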
Read more @ blog.talosintelligence.com