Thursday, October 13, 2022

Cisco Hacked by Lapsus$ Ransomware Gangs, 2.75GB Data Stolen Allegedly

 

Cisco Hacked by Lapsus$ Ransomware Gangs, 2.75GB Data Stolen Allegedly

The networking giant Cisco Systems Inc. acknowledged last Wednesday that it was attacked by UNC2447, Lapsus$ and, Yanluowang (Demon) ransomware groups on May 24, 2022, and allegedly lost a total of 2.75 gigabytes of data.


Cisco Security Incident Response Team (CSIRT) and risk intelligence branch Cisco Talos clarified that Cisco didn’t detect any impact to its business or related services, sensitive customer or employee data, or supply chain activities because of the hack.

Phishing attack employee credentials to access internal network

Yanluowang group stole employee’s credentials to get access to Cisco’s system by hijacking their Google accounts, which comprised credentials synchronized from the browser.


Through MFA fatigue and voice phishing attacks by the threat actors impersonating trusted sources, the attacker persuaded Cisco employee to accept multi-factor authentication (MFA) push alerts.


MFA fatigue is an attack strategy where criminal groups pester a target with a persistent barrage of requests in the hopes that they finally accept one to prevent them. After ultimately tricking the victim into receiving one alert, Yanluowang was able to connect to the VPN in the disguise of targeted user.


The gang managed to spread to Citrix servers and domain controllers, and while they escalated to administrative privileges, their actions alarmed CSIRT and were expelled at last.

Hackers claim to obtain Cisco data and ask for ransomware

Only last week, after Cisco was added to the Yanluowang ransomware group's leak site, did the company make the announcement. On top of that, the cybercrime gang asserted in an email sent to Cisco that they had accessed 3,100 files amounting to 2.75 gigabytes of data, containing non-disclosure agreements, data dumps, and technical drawings.

Hackers claim to obtain Cisco data and ask for ransomware

To prove it has successfully exfiltrate data from a Box folder, the Yanluowang gang announced the data breach on their data leak site and tweeted the picture saying, “Yanluowang ransomware has posted Cisco to its leaksite.”


But no sign of any ransomware deployed on Cisco’s systems was detected despite the fact that Yanluowang is notorious for encrypting data of its victims, according to Cisco.

How to Prevent Ransomware?

Ransomware attacks are everywhere, and they are huge threats for data security. However, they are not undefeated. A comprehensive, all-hands-on-deck strategy involving your entire organization is needed to combat ransomware.


Establish a response plan: Create an incident response strategy to ensure that your IT security staff is prepared for a ransomware outbreak or other kinds of cyber attacks. The strategy should specify the communications channels and responsibilities that will be used during an attack. A list of contacts, such as any partners or vendors who need to be contacted, should also be included.


Strengthen your endpoints: The threat surface of your business can be reduced with the aid of secure configuration settings, which can also patch any security holes left by default setups. And keep the systems, software, and firewalls updated to help close the security gaps.


Maintain backups constantly: Backing up crucial data is the most effective way of recovering from cyber attacks. You need to make sure safety of your Hyper-V Backup solutions, though. Either you store them in remote sites with multiple copies or you put them on the cloud to mitigate the ransomware attacks.


Vinchin Backup & Recovery is a virtual data protection for 10+ virtualizations that keeps frequent and fast backups with data reduction technologies and CBT/SpeedKit technology via multithreaded transmission, and secure them with a real time IO denying any unauthorized access to prevent malware or ransomware. There are 15s instant recovery and offsite backup copy to safeguard data security and business continuity if something happens.


You can download the 60-day free trial of Vinchin Backup & Recovery now to protect your crucial data now.

Accepting Guest Posts

Contact For Health Accepting Guest Posts or Health Blogs Write For Us

We at A Class Blogs accept Guest Posts, Articles, Info-graphics and Creative Video Posts, etc. If you guys have the talent to write for the best categories like Health, Travel, Tech, Technology Business, Home And Improvements, Real Estate, Finance, etc. Then contact us at aclassblogs@gmail.com.

A Class Blogs - Health Accepting Guest Posts

We are accepting guest posts on almost every niche like fashion, Health, healthcare, finance, home and improvement, travel, technology niche, etc.

But we have noticed users and SEO's are more likely to find us using Health accepting guest posts or health and wellness guest post using queries.

The most likely queries are listed below:

Health accepting guest posts
“submit guest post” + “health”
health blogs + write for us
health and wellness guest post
Pet Health + "write for us"
write for us health
health + write for us + guest post
health “accepting guest posts”
health care write for us
health blog guest post
medical news write for us
health tips write for us
health and fitness write for us
"health blog" + "write for us"
guest posting sites for health
“submit guest post” + “fitness”

This is how A Class blogs tend to found on number one search engine Google. So you can also Submit blogs and articles on the number one platform in all the categories.

For Write For Us Finance or Tech Submit Guest Post or Write For us Fashion visit the link.