21
submitted 9 months ago by BlanK0@lemmy.ml to c/security@lemmy.ml
top 2 comments
sorted by: hot top controversial new old
[-] ratman150@sh.itjust.works 8 points 9 months ago

This seems like a good course of action compared to how most breaches are handled.

[-] autotldr 2 points 9 months ago

This is the best summary I could come up with:


AnyDesk has copped to an IT security "incident" in which criminals broke into the remote-desktop software maker's production systems.

The application developer, which is said to have more than 170,000 customers worldwide, disclosed the intrusion in a statement on its website late on Friday, claiming it is "not related to ransomware."

While there's no specific mention of stolen data, some infosec analysts have pointed out that the disclosure indicates that criminals got hold of AnyDesk's code signing certificate.

According to infosec world watchers, criminals are selling AnyDesk customer credentials on the dark web, though these may not be related to this latest heist.

Other security shops warned that the pillaging has already begun with "multiple threat actors" selling access to stolen AnyDesk credentials.

Nick Hyatt, director of threat intelligence at managed detection and response firm BlackPoint, told The Register that the credentials are legitimate, but not newly stolen.


The original article contains 359 words, the summary contains 147 words. Saved 59%. I'm a bot and I'm open source!

this post was submitted on 05 Feb 2024
21 points (100.0% liked)

Security

5014 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS