BACKGROUND
The hacking group Nobelium, which has caused concern for many companies worldwide because of its ongoing malicious activity and sophisticated phishing attacks, is once again targeting IT and government organizations in various countries.
Information-stealing malware was found on a device belonging to a Microsoft employee who had access to account information for a small number of Microsoft's customers, and the attacker has used the information in some cases to launch highly targeted attacks as part of a broader campaign.
IMPACT
- Password spray and brute force attacks are being carried out against multiple organizations, but the group's malicious activity has been mostly unsuccessful.
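The two attack patterns named above leave different traces in sign-in logs: a spray fails against many accounts from one source, while brute force fails many times against one account. The following is an added detection example, not part of the original advisory; the event format, thresholds, time window, IP addresses and account names are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # assumed correlation window
SPRAY_MIN_ACCOUNTS = 5          # assumed: distinct accounts failing from one source
BRUTE_MIN_FAILURES = 10         # assumed: failures against a single account
BASE = datetime(2021, 1, 1, 10, 0)  # constructed timestamp base

def _ev(minute, ip, account, result="FAIL"):
    return ((BASE + timedelta(minutes=minute)).isoformat(), ip, account, result)

# Constructed sign-in events (documentation IP ranges, made-up accounts).
SAMPLE_EVENTS = (
    [_ev(2 * i, "203.0.113.7", f"user{i}") for i in range(1, 7)]  # one try per account
    + [_ev(14, "203.0.113.7", "user3", "OK")]                     # spray source succeeds
    + [_ev(i, "198.51.100.9", "svc-backup") for i in range(12)]   # many tries, one account
    + [_ev(1, "192.0.2.20", "carol"), _ev(2, "192.0.2.20", "carol", "OK")]  # typo, then login
)

def _peak(times, window):
    """Largest number of timestamps that fall inside any single window."""
    times = sorted(times)
    return max(sum(1 for t in times[i:] if t - s <= window) for i, s in enumerate(times))

def classify(events, window=WINDOW):
    """Separate spray sources from brute-forced accounts using failed sign-ins."""
    fails_by_ip = defaultdict(dict)        # ip -> {account: earliest failure time}
    fails_by_account = defaultdict(list)   # account -> [failure times]
    for ts, ip, account, result in events:
        if result == "FAIL":
            t = datetime.fromisoformat(ts)
            seen = fails_by_ip[ip]
            seen[account] = min(t, seen.get(account, t))
            fails_by_account[account].append(t)
    # Spray: one source, many distinct accounts first failing within one window.
    spray = {ip: sorted(accts) for ip, accts in fails_by_ip.items()
             if _peak(accts.values(), window) >= SPRAY_MIN_ACCOUNTS}
    # Brute force: many failures on one account within one window, from any source.
    brute = {acct: n for acct, times in fails_by_account.items()
             if (n := _peak(times, window)) >= BRUTE_MIN_FAILURES}
    # A success from a flagged spray source is the event to triage first.
    hits = sorted({a for _, ip, a, r in events if r == "OK" and ip in spray})
    return {"spray": spray, "brute": brute, "success_from_spray_source": hits}

if __name__ == "__main__":
    print(classify(SAMPLE_EVENTS))
```

Per-account lockout counters alone miss the spray case, because each account sees only one failure; grouping failures by source is what exposes it.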
RECOMMENDATIONS
- Deploy a Zero Trust security model. Zero Trust requires strict identity verification for every user and device when attempting to access resources on a network. It also provides the ability to limit a user's access once inside the network.
- Enable multi-factor authentication with granular identity and access management configurations.
- Proactively make frequent offsite backups of important data.
- Use a strong, different password for every server and change passwords regularly.
- Frequently update operating systems, applications, and every network device.
- Enable security alerts about links and files from suspicious websites.