Posted on by Clive Catton

CISA statement on mitigating MFA and “PrintNightmare” exploits UPDATED 17 March 2022

This article was first posted on 16 March 2022

Here is some good cyber security advice from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) regarding increased cyber threat activity from the Russia Ukraine conflict.

“PrintNightmare” is an escalation of an MFA exploitation to the Windows print spooler.

Here is the summary with advice about Multi-Factor Authentication:

Mitigating Threats Posed by Russian State-Sponsored Cyber Actors’ Exploitation of Default Multifactor Authentication Protocol and “PrintNightmare” Vulnerability | CISA

The advice about enforcing MFA for every services and making it 100% enforceable is advice I am constantly issuing on this blog and to clients – and still people resist. Usually they say it takes too much time or is too complicated.

Here is the advisory:

Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability | CISA

I have included some other CISA advice at the top of the page – read it and take action. Read it and if you need help then contact us:

Further Reading

Attackers breach NGO by exploiting MFA, PrintNightmare flaw • The Register

Do you want to know more?

Clive Catton MSc (Cyber Security) – by-line and other articles

CISA cyber security advice 200