Cisco Duo Breached by Social Engineering – Dark Reading reports

Finn Jensen

Finn Jensen | Founder, FastPasscorp

CISCO Duo breach blog

Dark Reading reports that threat actors stole employee credentials through social engineering from a telco company sending SMS on behalf of DUO! It gave the criminals access to SMS codes for MFA security! See copy of text below:

1. Stealing passwords for important employees is high on the criminals to-do-list

2. Your MFA infra-structure might not be enough for you!

Protect your company with multiple methods against social engineering. Pay special attention to a soft spot: Your IT Help Desk’s user verification, which can be an easy target.

Contact me to discuss how FastPass secure verification with automation can fortify your help desk and improve productivity.

The Dark Reading text:

“A third-party provider that handles telephony for Cisco's Duo multifactor authentication (MFA) service has been compromised by a social engineering cyberattack. Now Cisco Duo customers have been warned to be on alert for follow-on phishing schemes.

Customers were sent a notice explaining that the company handling SMS and VOIP multifactor authentication messaging traffic for Cisco Duo was breached on April 1. The threat actors reportedly used compromised employee credentials. Once inside the service provider's systems, the unauthorized user downloaded SMS logs for specific users within a certain timeframe, the company said.”

Finn Jensen
Contact Finn for a quick FastPass feasibility check!

Related Posts

Scroll to Top