Beware Of SolarWinds Hackers, NITDA Warns Nigerians

The National Information Technology Development Agency (NITDA) has warned Nigerians to beware of a new email-based attack from the SolarWinds hackers.
The agency gave the warning on its official Twitter handle.
@ogunjosam @admaxworld seems NITDA dey make sense with their updates these days
— Bolaji (@bolsaid) May 30, 2021
According to NITDA, the cybercriminals leveraged a legitimate mass-mailing service to distribute malicious URLs.
Microsoft uncovered a widespread malicious email campaign undertaken by the hacking group – Nobelium.
The campaign uses emails claiming to be an alert from USAID about new documents published by Donald Trump about ‘election fraud.’
Once a user clicks the link in the email, the URL directs them to the legitimate Constant Contact service and then redirects them to Nobelium-controlled infrastructure through a URL that delivers a malicious ISO file.
This in turn enables the criminals to execute further malicious objectives, such as lateral movement, data exfiltration and delivery of additional malware.
“The cybercriminals leveraged the legitimate mass-mailing service to masquerade as a US-based development organisation and distribute malicious URLs to a wide variety of organisations, non-governmental organisations (NGOs), think tanks, military, IT service providers, health technology and research and telecommunications providers.”
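The delivery chain described above (a click on a mass-mailing service link that redirects to a host serving an ISO file) can be hunted for in web-proxy logs. The sketch below is an added example, not code from NITDA or Microsoft; the log format, the `mailer.example` placeholder domain and every sample line are constructed for illustration.

```python
from urllib.parse import urljoin, urlparse

# Assumption: suffixes of mass-mailing click-tracking hosts to watch.
# "mailer.example" is a constructed placeholder; list the services your users get mail from.
MAILER_SUFFIXES = ("mailer.example",)
ISO_TYPES = {"application/x-iso9660-image", "application/x-cd-image"}

# Constructed proxy log, one request per line: time|client|url|status|content_type|location
SAMPLE_LOG = """\
2021-05-28T09:14:02|10.0.0.7|https://r20.mailer.example/tn.jsp?f=abc|302|text/html|https://docs.files.example/d/report
2021-05-28T09:14:03|10.0.0.7|https://docs.files.example/d/report|200|application/x-iso9660-image|
2021-05-28T09:20:11|10.0.0.9|https://r20.mailer.example/tn.jsp?f=xyz|302|text/html|https://news.site.example/story
2021-05-28T09:20:12|10.0.0.9|https://news.site.example/story|200|text/html|
2021-05-28T10:01:45|10.0.0.4|https://mirror.distro.example/live.iso|200|application/x-iso9660-image|
"""

def parse(log):
    fields = ("time", "client", "url", "status", "ctype", "location")
    return [dict(zip(fields, ln.split("|"))) for ln in log.splitlines() if ln.strip()]

def is_mailer(url):
    host = (urlparse(url).hostname or "").lower()
    return any(host == s or host.endswith("." + s) for s in MAILER_SUFFIXES)

def is_iso(event):
    path = urlparse(event["url"]).path.lower()
    return event["ctype"].lower() in ISO_TYPES or path.endswith(".iso")

def find_mailer_to_iso(events, max_hops=5):
    """Return (client, mailer_url, iso_url) for redirect chains from a mailer link to an ISO."""
    hits, pending = [], {}  # pending[(client, next_url)] = (mailer_url, hops so far)
    for ev in events:
        origin, hops = pending.pop((ev["client"], ev["url"]), (None, 0))
        if origin is None and is_mailer(ev["url"]):
            origin = ev["url"]          # a click on a mass-mailing link starts a chain
        if origin is None:
            continue                    # request is not part of any tracked chain
        if ev["status"].startswith("3") and ev["location"] and hops < max_hops:
            nxt = urljoin(ev["url"], ev["location"])   # resolves relative Location headers
            pending[(ev["client"], nxt)] = (origin, hops + 1)
        elif hops > 0 and is_iso(ev):
            hits.append((ev["client"], origin, ev["url"]))
    return hits

if __name__ == "__main__":
    for client, first, last in find_mailer_to_iso(parse(SAMPLE_LOG)):
        print(f"{client}: mailer link {first} led to ISO download {last}")
```

The direct ISO download from `mirror.distro.example` and the mailer click that lands on an ordinary web page are both left unflagged; only the chain that starts at the mailer and ends in an ISO is reported.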
How not to fall victim
- Turn on cloud-delivered protection in Microsoft Defender Antivirus or the equivalent to cover rapidly evolving attacker tools and techniques.
- Run EDR in block mode to enable antivirus to block malicious artifacts (EDR in block mode works behind the scenes to remediate artifacts that are detected post-breach).
- Enable network protection to prevent applications or users from accessing malicious domains and other malicious content on the internet.
- Enable investigation and remediation in full automated mode to allow antivirus to take immediate action on alerts to resolve breaches.
- Use device discovery to increase your visibility into your network by finding unmanaged devices on your network and onboarding them.
- Enable multifactor authentication (MFA) to mitigate compromised credentials.
- Block all Office applications from creating child processes.