Cybersecurity Weekly: Dodging MFA, struggles implementing zero-trust and tax season fraud concerns
New MFA warnings from CISA and FBI, new report indicates struggles with zero-trust implementation and threat actors leveraging tax season to commit fraud. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. CISA and FBI warning: Hackers used these tricks to dodge multi-factor authentication
The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about Russian state-sponsored activity that pre-dates recent warnings over cyber activity related to Russia's military invasion of Ukraine.
2. Security teams struggle to get started with zero-trust
Nearly a third of respondents in a Dark Reading survey on endpoint security strategy say zero-trust is too confusing to implement.
3. Your data, their gain: How threat actors leverage tax season to commit fraud
While tax return fraud is an issue throughout the year, it is, of course, most prevalent during tax season. Around the time when winter turns to spring, threat actors pursue W2 and other tax-related forms, which are chock-full of personally identifiable information (PII) and may provide them with the data they need to commit tax fraud, among other illegal activities.
4. This sneaky type of phishing is growing fast because hackers are seeing big paydays
Researchers warn about an increase in conversation hijacking emails, where hackers abuse accounts of people you trust to send you phishing links and malware.
5. CISOs face 'perfect storm' of ransomware and state-supported cybercrime
For some industries, vulnerability exploitation and system intrusions have crossed from the cyber-realm and become matters of life and death.