silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,168
A hacker has gained access and exfiltrated data from a federal agency, the Cybersecurity and Infrastructure Security Agency (CISA) said on Thursday.
The name of the hacked federal agency, the date of the intrusion, or any details about the intruder, such as an industry codename or state affiliation, were not disclosed.
CISA officials revealed the hack after publishing an in-depth incident response (IR) report detailing the intruder's every step.
The report, which ZDNet analyzed today, reveals how the intruder gained access to the federal agency's internal networks through different channels, such as leveraging compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency's Pulse Secure VPN server.
CISA says a hacker breached a federal agency
CISA didn't name the attacker but it published an in-depth incident report detailing the hacker's every step.
www.zdnet.com