Defending Against Misconfigured MFA & PrintNightmare Vulnerabilities
eSecurity Planet
MARCH 21, 2022
Inactive Accounts and Default Configurations. Hackers gained initial access by brute-forcing an existing account via “a simple, predictable password” to enroll a new device in the MFA procedures, the agencies said. MFA was automatically disabled because the account was inactive for a long period.
Let's personalize your content