Written by May 31, 2021 11:47 am Cyber Security, News Views: 3

Beware Of Solarwind Hackers, NITDA Warns Nigerians

Spread the love

The National Information Technology Development Agency (NITDA) has warned Nigerians to beware of a new email-based attack from Solarwinds hackers.

The agency gave the warning on its official Twitter handle.

According to NITDA, the cybercriminals leveraged the legitimate mass-mailing service to distribute malicious URLs.

Microsoft uncovered a widespread malicious email campaign undertaken by the hacking group – Nobelium.

The antics of the cybercriminals involve the use of emails claiming to be an alert from USAID about new documents published by Donald Trump about ‘election fraud.’

Once a user clicks the link in the email, the URL would direct them to the legitimate Constant Contact service and the redirect to Nobelium-controlled infrastructure through a URL that delivers a malicious ISO file.

This in turn enables the criminals to execute further malicious objectives, such as lateral movement, data exfiltration and delivery of additional malware.

ALSO READ: Limit The Sharing Of Sensitive Information On WhatsApp – NITDA

The cybercriminals leveraged the legitimate mass-mailing service to masquerade as a US-based development organisation and distribute malicious URLs to a wide variety of organisations, non-governmental organisations (NGOs), think tanks, military, IT service providers, health technology and research and telecommunications providers.”

How not to fall a victim

  1. Turn on cloud-delivered protection in Microsoft Defender Antivirus or the equivalent to cover rapidly evolving attacker tools and techniques.
  2. Run EDR in block mode to enable antivirus to block malicious artifacts (EDR in block mode works behind the scenes to remediate artifacts that are detected post-breach).
  3. Enable network protection to prevent applications or users from accessing malicious domains and other malicious content on the internet.
  4. Enable investigation and remediation in full automated mode to allow antivirus take immediate action on alerts to resolve breaches.
  5. Use device discovery to increase your visibility into your network by finding unmanaged devices on your network and onboarding them.
  6. Enable multifactor authentication(MFA) to mitigate compromised credentials.
  7. Block all Office applications from creating child processes.

facebookShare on Facebook
TwitterTweet
FollowFollow us
PinterestSave
Visited 3 times, 1 visit(s) today
Post Views: 539

Found this interesting? Share!

Related Posts

FeaturedFeaturesNews

March 14, 2024 • One Comment Views: 199

Massive Internet Outage Hits Nigeria, Other African Countries After Undersea Cable Damage

FeaturedFeaturesFintech/Cryptocurrency

March 13, 2024 Views: 81

Top Executive Bode Abifarin Departs Flutterwave as Fintech Unicorn Sees Leadership Shake-Up

FeaturedFeaturesReviews

March 12, 2024 Views: 112

TECNO Spark 20 Pro+ Review: Budget Powerhouse with Flagship Features

FeaturedFeaturesNews

March 11, 2024 Views: 32

Flutterwave is shutting down its Barter service

Previous Story
‘Robo Refs’ To Officiate Premier League Match Next Season
Twitter down for longer than expected over the weekend. Next Story
Twitter’s New Service Might Allow You Undo Tweets

Leave a Reply

Close
Popular Posts
Categories

Welcome to Techuncode

Install
×
×