{"id":117305,"date":"2020-12-17T23:23:40","date_gmt":"2020-12-18T07:23:40","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2020\/12\/nsa-cybersecurity-advisory-malicious-actors-abuse-authentication-mechanisms-to-access-cloud-resources"},"modified":"2020-12-17T23:23:40","modified_gmt":"2020-12-18T07:23:40","slug":"nsa-cybersecurity-advisory-malicious-actors-abuse-authentication-mechanisms-to-access-cloud-resources","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2020\/12\/nsa-cybersecurity-advisory-malicious-actors-abuse-authentication-mechanisms-to-access-cloud-resources","title":{"rendered":"NSA Cybersecurity Advisory: Malicious Actors Abuse Authentication Mechanisms to Access Cloud Resources"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/nsa-cybersecurity-advisory-malicious-actors-abuse-authentication-mechanisms-to-access-cloud-resources.jpg\"><\/a><\/p>\n<p>In response to ongoing cybersecurity events, the National Security Agency (NSA) released a Cybersecurity Advisory Thursday \u201cDetecting Abuse of Authentication Mechanisms.\u201d This advisory provides guidance to National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators to detect and mitigate against malicious cyber actors who are manipulating trust in federated authentication environments to access protected data in the cloud. It builds on the guidance shared in the cybersecurity advisory regarding VMware with state-sponsored actors exploiting CVE 2020\u20134006 and forging credentials to access protected files, though other nation states and cyber criminals may use this tactic, technique, and procedure (TTP) as well.<\/p>\n<p>Detecting abuse of authentication mechanisms infographic.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In response to ongoing cybersecurity events, the National Security Agency (NSA) released a Cybersecurity Advisory Thursday \u201cDetecting Abuse of Authentication Mechanisms.\u201d This advisory provides guidance to National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators to detect and mitigate against malicious cyber actors who are manipulating trust in federated [\u2026]<\/p>\n","protected":false},"author":513,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-117305","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/117305","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/513"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=117305"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/117305\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=117305"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=117305"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=117305"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}