I-cybersecurity kanye ne-ejensi yezokuphepha yengqalasizinda yase-US (i-CISA) yathi ama-cybercriminals adlula ngempumelelo amaphrothokholi wokufakazela ubuqiniso ngokuqinisekiswa kwe-multi-factor (MFA) ukuze abeke phansi ama-akhawunti ukuthola izinsizakalo ezithile zamafu.
Isitatimende esisemthethweni se-ejensi sasho lokhu okulandelayo: "UCisa unolwazi oluthembekile lokuthi ukuhlaselwa ngempumelelo kwe-hacker kuqhutshelwe ezinsizakalweni zamafu ezinhlangano ezahlukahlukene ze-United States. Ama-cybercriminals, ahlanganyele ekuhlaselweni, ajabulele amasu namaqhinga ahlukahlukene, okuthola ubugebengu bokweba imininingwane ebucayi, imizamo yokungena ohlelweni ngamabutho ahlanganayo, ahlaselwa yi- "Pass-the-Cookie" nabanye abaningi. Lokhu bekubavumela ukuba bathole amaphuzu abuthakathaka ezinhlelweni zokuphepha zezinsizakalo zamafu ezisulu. "
UCisa Qaphela ukuthi ama-cybercriminals sebezwile isikhathi eside ukufinyelela izimpahla ezifuywayo zezisulu ezisebenzisa ukuhlaselwa kwamandla ama-coarse, kepha imvamisa kubaduni behlulekile ngenxa yokuqagela ubuqiniso noma ngenxa yesisulu sokuqinisekiswa kwe-MFA.
Kepha okungenani esigabeni esithile sokuphepha sakamuva, abaduni bakwazile ukungena ngempumelelo kwi-akhawunti yomsebenzisi ngisho nokuqinisekiswa kwe-multifactor (MFA).
UCisa uthatha ukuthi abaduni bakwazile ukuthi "banqobe amaphrothokholi wokufakazela ubuqiniso be-MFA ngaphakathi kokuhlaselwa kwe-Pass-the Cookie. Ngesikhathi se-cyberatka enjalo, abaduni sebevele bethwebula iseshini eqinisekisiwe besebenzisa ama-Stolen Cookies session session session session for Authorization ezinsizakalweni eziku-inthanethi kanye nezicelo zeWebhu.
I-ejensi ye-cybersecurity nokuphepha kwengqalasizinda futhi yabhalisa amaqiniso okusetshenziswa kokufinyelela kokuqala kwe-cybercriminals, eyatholakala ngemuva kokufakazelwa kwabasebenzi bobugebengu bokweba imininingwane ehlukile kwenhlangano yabasebenzisi.
Ngamanye ama-cyberatics, kwaphawulwa ochwepheshe be-CISA ukuthi abaduni bashintsha noma basebenzise izinhlamvu ze-imeyili nemithetho yokusesha ukuze baqoqe ngokuzenzakalela idatha eyimfihlo kanye nemininingwane yezezimali evela kuma-akhawunti we-Post Service avela.
"Ngaphezu kokushintsha imithetho ye-imeyili etholakalayo yabasebenzisi, ama-cybercrimininals abuye adale nemithetho emisha yamabhokisi eposi, okubangela ukuqondiswa okuzenzakalelayo kwezinhlamvu ezisebenziseka kalula ezingxenyeni ezilula kakhulu (ama-RSS) zabanye abasebenzisi bangempela. Kwenziwa ukuthi izisulu aziboni izexwayiso ngomsebenzi ononya, "kufingqiwe eCisa.
I-FBI ixwayise ngaphambilini izinhlangano zase-United States eziyekisa ukuhlukumeza imithetho yokuqondisa kabusha ezenzakalelayo kumakhasimende e-imeyili e-Plabatics we-imeyili Ukuyekethiswa kwe-imeyili (i-BEC).
Indwangu ethokozisayo ku-CisoClub.ru. Bhalisela: Facebook | I-VK | I-Twitter | I-Instagram | I-Telegraph | Zen | Isithunywa | I-ICQ New | I-YouTube | Pulse.