TeamViewer investigating intrusion of corporate IT environment

Software company TeamViewer said it is investigating a possible intrusion of its internal corporate IT environment after discovering irregularities on Wednesday.
In a statement published on Thursday afternoon, the company explained that it immediately activated teams to begin looking into the issue.
TeamViewer is a popular software used by hundreds of large organizations to manage fleets of devices.
The company has previously faced attacks by alleged Chinese hackers and its products have often been deployed maliciously by hackers themselves during security incidents.
The TeamViewer statement on Thursday came after reports emerged on social media of multiple organizations warning members of alleged nation-state attacks involving TeamViewer software.
A researcher shared a message from cybersecurity firm NCC Group and another from the non-profit healthcare cybersecurity organization Health-ISAC about the issue on Thursday.
APT29 is believed to be part of Russia's Foreign Intelligence Service which is responsible for foreign espionage and electronic surveillance.
The hackers have been behind some of Russia's most devastating, brazen attacks on the U.S., including the 2020 SolarWinds hack and the 2016 attack on the Democratic National Committee.
They were recently implicated in attacks on major tech providers like Microsoft and Hewlett Packard Enterprise.
In April, the top cybersecurity agency in the U.S. warned that the attack on Microsoft exposed emails from several federal agencies that may have contained authentication details or credentials.
Polyfill, Cloudflare trade barbs after reports of supply chain attack threatening 100k websites.


This Cyber News was published on therecord.media. Publication date: Fri, 28 Jun 2024 00:20:22 +0000


Cyber News related to TeamViewer investigating intrusion of corporate IT environment

Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks - TeamViewer is software that organizations have long used to enable remote support, collaboration, and access to endpoint devices. Like other legitimate remote access technologies, it is also something that attackers have used with relative frequency ...
11 months ago Darkreading.com
TeamViewer's corporate network was breached in alleged APT hack - The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group. The company says that it plans to be transparent about ...
5 months ago Bleepingcomputer.com
TeamViewer Hack Officially Attributed to Russian Cyberspies - TeamViewer has confirmed that a notorious Russian cyberespionage group appears to be behind the recent hacker attack targeting the company's systems. The remote connectivity software provider revealed last week that it had detected an intrusion on ...
5 months ago Securityweek.com
TeamViewer Hack Officially Attributed to Russian Cyberspies - TeamViewer has confirmed that a notorious Russian cyberespionage group appears to be behind the recent hacker attack targeting the company's systems. The remote connectivity software provider revealed last week that it had detected an intrusion on ...
5 months ago Packetstormsecurity.com
TeamViewer breached by Russian state actor Midnight Blizzard - TeamViewer's corporate network was breached this week in an attack that the remote access software vendor attributed to Russian state-sponsored threat actor Midnight Blizzard. The company wrote at the time that it immediately began an investigation ...
5 months ago Techtarget.com
TeamViewer abused to breach networks in new ransomware attacks - Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. TeamViewer is a legitimate remote access tool used extensively in the ...
11 months ago Bleepingcomputer.com
TeamViewer investigating intrusion of corporate IT environment - Software company TeamViewer said it is investigating a possible intrusion of its internal corporate IT environment after discovering irregularities on Wednesday. In a statement published on Thursday afternoon, the company explained that it ...
5 months ago Therecord.media
TeamViewer: Hackers copied employee directory data and encrypted passwords - Software company TeamViewer says that a compromised employee account is what enabled hackers to breach its internal corporate IT environment and steal encrypted passwords in an incident attributed to the Russian government. In an update on Sunday ...
5 months ago Therecord.media
Cybersecurity breach of TeamViewer Corporate environment by APT29 - TeamViewer, a remote monitoring and management tool based in Germany, has reported a security breach within its internal corporate IT environment. The incident occurred on June 26, 2024, prompting immediate remedial actions to prevent any potential ...
5 months ago Cybersecurity-insiders.com
Best of 2023: Diamond Model of Intrusion Analysis: A Quick Guide - Any intrusion into a network calls for a thorough analysis to give security teams cyber intelligence about different threats and to help thwart similar future attacks. Effective incident analysis has long been held back by uncertainty and high false ...
11 months ago Securityboulevard.com
Network Segmentation Saved TeamViewer From APT29 Attack - This segregation is one of multiple layers of protection in our 'defense in-depth' approach. Defense-in-depth is a set of basic techniques, including network segmentation, that the US government consistently urges people to implement. Others include ...
5 months ago Darkreading.com
Surge of swatting attacks targets corporate executives and board members - At around 8:45 pm on February 1, 2023, a caller to the Groveland, Massachusetts, 911 emergency line told dispatchers that he harmed someone in a home on Marjorie Street in the upscale small town 34 miles north of Boston. The caller also said he would ...
1 year ago Csoonline.com
TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
5 months ago Therecord.media
TeamViewer says Russia's 'Cozy Bear' hackers attacked corporate IT system - Software company TeamViewer confirmed on Friday that a prolific Russian hacking group breached its corporate IT environment earlier in the week. In an updated statement, the company attributed a recently announced incident to APT29, also known as ...
5 months ago Therecord.media
Council Gives Green Light to Europe's Corporate Sustainability Due Diligence Directive - For most businesses, corporate responsibility has evolved from a peripheral concern to a core consideration. Today, with the Council's vote on the European Union Corporate Sustainability Due Diligence Directive, the EU took a significant step toward ...
9 months ago Feedpress.me
CISA orders agencies impacted by Microsoft hack to mitigate risks - CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. It requires them to investigate potentially ...
8 months ago Bleepingcomputer.com
Microsoft tells how Russia's Cozy Bear broke into its email The Register - Microsoft, a week after disclosing that Kremlin-backed spies broke into its network and stole internal emails and files from its executives and staff, has now confirmed the compromised corporate account used in the genesis of the heist didn't even ...
10 months ago Go.theregister.com
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours - In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol host, leading to data exfiltration and the deployment of Trigona ransomware. On Christmas Eve, within just three hours of gaining initial access, ...
10 months ago Thedfirreport.com
How Secure Cloud Development Replaces Virtual Desktop Infrastructures - The need to secure corporate IT environments is common to all functions of organizations, and software application development is one of them. Development environments have notoriously complex setups and often require significant maintenance because ...
9 months ago Feeds.dzone.com
CISA Warns of Compromised Microsoft Accounts - CISA issued a fresh CISA emergency directive in early April instructing U.S. federal agencies to mitigate risks stemming from the breach of numerous Microsoft corporate email accounts by the Russian APT29 hacking group. The directive is known as ...
8 months ago Securityboulevard.com
Microsoft reveals how hackers breached its Exchange Online accounts - Microsoft confirmed that the Russian Foreign Intelligence Service hacking group, which hacked into its executives' email accounts in November 2023, also breached other organizations as part of this malicious campaign. On January 12, 2024, Microsoft ...
10 months ago Bleepingcomputer.com
Russian hackers stole Microsoft corporate emails in month-long breach - Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12th, with Microsoft initiating its ...
11 months ago Bleepingcomputer.com
Russian hackers stole Microsoft corporate emails in month-long breach - Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12th, with Microsoft initiating its ...
11 months ago Bleepingcomputer.com
CVE-2018-14333 - TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between "[00 88] and "[00 00 00]" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an ...
6 years ago
CVE-2019-11769 - An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)