CISA NSA Data Breach
CISA NSA experienced a data breach that was reported on January 30, 2023. CISA, NSA, and MS-ISAC released a joint advisory warning about the malicious use of legitimate remote monitoring and management (RMM) software (ScreenConnect and AnyDesk) used in a phishing scam to steal money from bank accounts. The authoring organizations have warned network defenders to apply the recommended mitigations to protect against such malicious use of RMM software. Source
Key Facts
- Organization
- CISA NSA
- Date Reported
- January 30, 2023
- Incident Type
- phishing
- Industry
- Financial Services
- Severity Score
- 5/10
- Confidence Level
- high
- Tags
Source
View original source - External link to primary source documentation
Understanding phishing Incidents
Phishing attacks use deceptive communications to trick users into revealing credentials or installing malware. Multi-factor authentication and security awareness training are key defenses.