CyberSecurityBoard
Sponsor Register Login

AnyDesk Compromised, Passwords Revoked

AnyDesk, which provides a remote desktop application providing access, file transfer, and VPN functionality for endpoints, has announced that its production systems have been compromised, and that it plans to revoke all its security-related certificates and reset all Web portal passwords as a precaution.
AnyDesk also said that it's working with appropriate law enforcement agencies on the incident and that there's so far no evidence of ransomware.
In addition to the internal password rotations, the company urged its customers to update any passwords used across other accounts.
Remote access management tools like AnyDesk are a popular target of cybercriminals.
Last summer both the Cybersecurity and Infrastructure Security Agency and the National Security Agency issued a joint advisory warning that threat actors were using these remote monitoring and management systems, including AnyDesk and ScreenConnect to infiltrate organizations and federal agencies.


This Cyber News was published on www.darkreading.com. Publication date: Mon, 05 Feb 2024 21:50:11 +0000


Cyber News related to AnyDesk Compromised, Passwords Revoked

AnyDesk says hackers breached its production servers, reset passwords - AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack. AnyDesk ...
11 months ago Bleepingcomputer.com
AnyDesk says hackers breached its production servers, resets passwords - AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack. AnyDesk ...
11 months ago Bleepingcomputer.com
AnyDesk Shares More Information on Recent Hack - AnyDesk has shared more information on the recent hacker attack, including when threat actors first breached its systems and the impact of the incident. According to the developer of the popular remote access software, the intrusion was discovered in ...
11 months ago Securityweek.com
Enzoic for AD Lite Data Shows Increase in Crucial Risk Factors - The 2023 data from Enzoic for Active Directory Lite data from 2023 offers a revealing glimpse into the current state of cybersecurity, highlighting a significant increase in risk factors that lead to data breaches. The free password auditor has been ...
1 year ago Securityboulevard.com
AnyDesk Compromised, Passwords Revoked - AnyDesk, which provides a remote desktop application providing access, file transfer, and VPN functionality for endpoints, has announced that its production systems have been compromised, and that it plans to revoke all its security-related ...
11 months ago Darkreading.com
The most popular passwords of 2023 are easy to guess and crack - Each year, analysts at various Internet security companies release lists of the most used passwords. ADVERTISEMENT. The passwords that are on these lists may act as a warning for any Internet and electronic device user. Some common passwords have ...
1 year ago Ghacks.net
AnyDesk hacked, details unclear - The remote access software provider published a disclosure post to its website late last week describing the incident. AnyDesk said it activated a remediation and response plan as well as engaged CrowdStrike. As of Friday, the company had not revoked ...
11 months ago Techtarget.com
AnyDesk revokes certs, passwords after IT security breach The Register - The biz has told customers to expect disruption as it attempts to lock down its infrastructure. While there's no specific mention of stolen data, some infosec analysts have pointed out that the disclosure indicates that criminals got hold of ...
11 months ago Go.theregister.com
Protect your Active Directory from these Password-based Vulnerabilities - Deploying a security solution like Specops Password Policy enhances the protection of passwords, which are frequently exploited as an initial entry point by attackers. In this attack, the perpetrator, typically using a compromised low-level account ...
1 year ago Bleepingcomputer.com
GitHub Revokes Compromised Code Signing Certificates After Repo Hack - GitHub has recently revealed that unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. The company has found no ...
1 year ago Bleepingcomputer.com
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
9 months ago Securityboulevard.com
GitHub code-signing certificates stolen - Another day, another access-token-based database breach. This time, the victim is Microsoft's GitHub business. On December 6, 2022, repositories from our atom, desktop, and other deprecated GitHub-owned organizations were cloned by a compromised ...
1 year ago Nakedsecurity.sophos.com
In Pursuit of a Passwordless Future - Many computer users dream of a day when the industry can move past its reliance on passwords to reach a more serene future of frictionless cybersecurity. The fact is that countless remaining devices and systems have been aging and based on password ...
1 year ago Securityboulevard.com
In Pursuit of a Passwordless Future - Many computer users dream of a day when the industry can move past its reliance on passwords to reach a more serene future of frictionless cybersecurity. The fact is, countless remaining devices and systems are aging relics that have been based on ...
11 months ago Cyberdefensemagazine.com
CVE-2021-44425 - An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. An unnecessarily open listening port on a machine in the LAN of an attacker, opened by the Anydesk Windows client when using the tunneling feature, allows the attacker ...
2 years ago
CVE-2024-50106 - In the Linux kernel, the following vulnerability has been resolved: nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread ...
2 months ago Tenable.com
Hackers' Use of Remote Administration Tools to Control Systems - Remote administration tools are software that allows managing and controlling terminals from a remote location. The tools can be used for work-from-home purposes as well as remote control, management, and maintenance of unmanned devices. AnyDesk is a ...
1 year ago Gbhackers.com
Password Advice for the Rest of Us - Cisco Blogs - The key function you’re wanting out of a password manager is the ability to create passwords that are at least twenty (20) characters long, with all the typical mix of letters, numbers and symbols, as well as the ability to create a unique password ...
3 months ago Feedpress.me
How to use the Apple Passwords app - Help Net Security - The app’s Security section informs you if you have chosed easily guessable or reused passwords, or if that particular password has been compromised (i.e., appears in public data leaks). To edit passwords, select the “All” section and then ...
3 months ago Helpnetsecurity.com
Jason's Deli Restaurant Chain Hit by a Credential Stuffing Attack - The personal information of more than 340,000 customers of popular restaurant chain Jason's Deli may have been victims of a credential stuffing attack, a scheme in which the hacker uses stolen or leaked credentials to log into other online accounts. ...
11 months ago Securityboulevard.com
The password attacks of 2023: Lessons learned and next steps - The relentless onslaught of password-based cyber attacks underscores the alarming ease with which cybercriminals can exploit vulnerable credentials to inflict damage. Password attacks take many forms: from phishing schemes that dupe employees into ...
1 year ago Bleepingcomputer.com
Most common passwords: 70% can be cracked in less than a second - Racking your brains to come up with a strong password can be a pain. NordPass, the password management tool from the team behind NordVPN, partnered with independent researchers to release its study of the 200 most common passwords used in 2023. Of ...
1 year ago Cnbc.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
8 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
8 months ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
8 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)