CyberSecurityBoard
Sponsor Register Login

AnyDesk Compromised, Passwords Revoked

AnyDesk, which provides a remote desktop application providing access, file transfer, and VPN functionality for endpoints, has announced that its production systems have been compromised, and that it plans to revoke all its security-related certificates and reset all Web portal passwords as a precaution.
AnyDesk also said that it's working with appropriate law enforcement agencies on the incident and that there's so far no evidence of ransomware.
In addition to the internal password rotations, the company urged its customers to update any passwords used across other accounts.
Remote access management tools like AnyDesk are a popular target of cybercriminals.
Last summer both the Cybersecurity and Infrastructure Security Agency and the National Security Agency issued a joint advisory warning that threat actors were using these remote monitoring and management systems, including AnyDesk and ScreenConnect to infiltrate organizations and federal agencies.


This Cyber News was published on www.darkreading.com. Publication date: Mon, 05 Feb 2024 21:50:11 +0000


Cyber News related to AnyDesk Compromised, Passwords Revoked

AnyDesk says hackers breached its production servers, reset passwords - AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack. AnyDesk ...
5 months ago Bleepingcomputer.com
AnyDesk says hackers breached its production servers, resets passwords - AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack. AnyDesk ...
5 months ago Bleepingcomputer.com
AnyDesk Shares More Information on Recent Hack - AnyDesk has shared more information on the recent hacker attack, including when threat actors first breached its systems and the impact of the incident. According to the developer of the popular remote access software, the intrusion was discovered in ...
4 months ago Securityweek.com
Enzoic for AD Lite Data Shows Increase in Crucial Risk Factors - The 2023 data from Enzoic for Active Directory Lite data from 2023 offers a revealing glimpse into the current state of cybersecurity, highlighting a significant increase in risk factors that lead to data breaches. The free password auditor has been ...
5 months ago Securityboulevard.com
AnyDesk Compromised, Passwords Revoked - AnyDesk, which provides a remote desktop application providing access, file transfer, and VPN functionality for endpoints, has announced that its production systems have been compromised, and that it plans to revoke all its security-related ...
4 months ago Darkreading.com
The most popular passwords of 2023 are easy to guess and crack - Each year, analysts at various Internet security companies release lists of the most used passwords. ADVERTISEMENT. The passwords that are on these lists may act as a warning for any Internet and electronic device user. Some common passwords have ...
6 months ago Ghacks.net
AnyDesk hacked, details unclear - The remote access software provider published a disclosure post to its website late last week describing the incident. AnyDesk said it activated a remediation and response plan as well as engaged CrowdStrike. As of Friday, the company had not revoked ...
4 months ago Techtarget.com
AnyDesk revokes certs, passwords after IT security breach The Register - The biz has told customers to expect disruption as it attempts to lock down its infrastructure. While there's no specific mention of stolen data, some infosec analysts have pointed out that the disclosure indicates that criminals got hold of ...
4 months ago Go.theregister.com
Protect your Active Directory from these Password-based Vulnerabilities - Deploying a security solution like Specops Password Policy enhances the protection of passwords, which are frequently exploited as an initial entry point by attackers. In this attack, the perpetrator, typically using a compromised low-level account ...
6 months ago Bleepingcomputer.com
GitHub Revokes Compromised Code Signing Certificates After Repo Hack - GitHub has recently revealed that unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. The company has found no ...
1 year ago Bleepingcomputer.com
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
2 months ago Securityboulevard.com
GitHub code-signing certificates stolen - Another day, another access-token-based database breach. This time, the victim is Microsoft's GitHub business. On December 6, 2022, repositories from our atom, desktop, and other deprecated GitHub-owned organizations were cloned by a compromised ...
1 year ago Nakedsecurity.sophos.com
In Pursuit of a Passwordless Future - Many computer users dream of a day when the industry can move past its reliance on passwords to reach a more serene future of frictionless cybersecurity. The fact is that countless remaining devices and systems have been aging and based on password ...
6 months ago Securityboulevard.com
In Pursuit of a Passwordless Future - Many computer users dream of a day when the industry can move past its reliance on passwords to reach a more serene future of frictionless cybersecurity. The fact is, countless remaining devices and systems are aging relics that have been based on ...
5 months ago Cyberdefensemagazine.com
CVE-2021-44425 - An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. An unnecessarily open listening port on a machine in the LAN of an attacker, opened by the Anydesk Windows client when using the tunneling feature, allows the attacker ...
1 year ago
Hackers' Use of Remote Administration Tools to Control Systems - Remote administration tools are software that allows managing and controlling terminals from a remote location. The tools can be used for work-from-home purposes as well as remote control, management, and maintenance of unmanned devices. AnyDesk is a ...
6 months ago Gbhackers.com
Jason's Deli Restaurant Chain Hit by a Credential Stuffing Attack - The personal information of more than 340,000 customers of popular restaurant chain Jason's Deli may have been victims of a credential stuffing attack, a scheme in which the hacker uses stolen or leaked credentials to log into other online accounts. ...
5 months ago Securityboulevard.com
The password attacks of 2023: Lessons learned and next steps - The relentless onslaught of password-based cyber attacks underscores the alarming ease with which cybercriminals can exploit vulnerable credentials to inflict damage. Password attacks take many forms: from phishing schemes that dupe employees into ...
6 months ago Bleepingcomputer.com
Most common passwords: 70% can be cracked in less than a second - Racking your brains to come up with a strong password can be a pain. NordPass, the password management tool from the team behind NordVPN, partnered with independent researchers to release its study of the 200 most common passwords used in 2023. Of ...
7 months ago Cnbc.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 month ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 month ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 month ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 month ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 month ago Cybersecurity-insiders.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
1 month ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)