• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Sys & Infrast Lifecycle Mngt 1

Information Technology Audit and Cybersecurity, Temple University

Sys & Infrast Lifecycle Mngt 1

MIS 5203.001 ■ Spring 2020 ■ Wade Mackey
  • Home
  • Syllabus
    • Gradebook
  • Announcements
  • Course Work
    • 1 – Intro/SDLC
    • Planning
      • 2 – Prjct Mngmt & Governance
      • 3 – Business Case & Feasibility
    • Analysis
      • 4 – Requirements Determination
      • 5 – Process Modeling
      • 6 – Data Modeling
      • 7 -Test One
    • Design
      • 10 – HCI (UI)
      • 8 – Database
      • 9 – Software
      • 11 – Test Two
    • Implementation
      • 12 – Architecture
      • 13 – Development & Testing
      • 14 – Migration & Deployment
      • Test 3: Implementation
  • Projects
    • Project 1: Business Case Development
    • Project 2: SDLC
    • Project 3: Systems Design
    • Project 4: Process Re-engineering
    • Project 5: Controls

“FBI: Watch Out for LockBit 2.0 Ransomware, Here’s How to Reduce the Risk to Your Network”

February 11, 2022 Leave a Comment

“FBI: Watch Out for LockBit 2.0 Ransomware, Here’s How to Reduce the Risk to Your Network.”

As the FBI warns us about the LockBit 2.0 ransomware, they are also warning us to utilize MFA and strong passwords for all admin and high-value accounts. It is mentioned in the article, Microsoft has found that 78% of organizations using Azure Active Directory does not have MFA enabled. If this is keeping an organization safe, why aren’t they using it?
LockBit2.0 targets Windows PCs and Linux servers via bugs in VMWare’s virtual machine.
LockBit’s operators use any method available to compromise a network, as long as it is successful. For example, the operators are buying access to already compromised network from “access brokers,” exploiting unpatched software bugs, and even paying for insider access, as well as using exploits for previously unknown zero-day flaws. Lockbit 2.0 identifies and collects an infected device’s hostname, host configuration, domain information, local drive configuration, remote shares, and mounted external storage devices. It then attempts to encrypt the data saved to any local or remote device but skips flies associated with core system functions. Afterwards, it deletes itself from the disk and creates persistence at a startup. The FBI additionally recommends companies segment their networks, investigate any abnormal activity, implement time-based access for accounts set at the admin level and higher, disable command-line and scripting activities and permissions, and maintain offline backups of data.

By: Victoria Zak 

https://www.zdnet.com/article/fbi-watch-out-for-lockbit-2-0-ransomware-heres-how-to-reduce-the-risk-to-your-network/

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

RECENT ANNOUNCEMENTS

“School District reports a 334% hike in cybersecurity insurance costs”

A school district in Chicago released details on its cyber-insurance, from … [More...] about “School District reports a 334% hike in cybersecurity insurance costs”

“Security Flaws Seen in China’s Mandatory Olympics App for Athletes”

The article I read this week was from the New York Times, and it describes … [More...] about “Security Flaws Seen in China’s Mandatory Olympics App for Athletes”

“‘Preparation, not panic’: Top US cyber official asks Americans to look out for Russian hacking efforts”

by Sean Lyngaas 3/26/22 To summarize this article, the United States … [More...] about “‘Preparation, not panic’: Top US cyber official asks Americans to look out for Russian hacking efforts”

Cisco Umbrella default SSH key allows theft of admin credentials

Cisco Umbrella default SSH key allows theft of admin credentials … [More...] about Cisco Umbrella default SSH key allows theft of admin credentials

The battle over end-to-end encryption

The BBC article, “The battle over end-to-end encryption, is news to … [More...] about The battle over end-to-end encryption

Hackers Using Device Registration Trick to Attack Enterprise with Lateral Phishing

This article explains the email-based social engineering of criminals to … [More...] about Hackers Using Device Registration Trick to Attack Enterprise with Lateral Phishing

[More Announcements...]

Copyright © 2025 · Department of Management Information Systems · Fox School of Business · Temple University