Today, TeamViewer, a large remote access and control software provider, has confirmed a data breach by the notorious hacker group Midnight Blizzard. The company’s statement confirmed the breach is tied to an employee’s credentials within its Corporate IT environment. Bleeping Computer has more details:
While TeamViewer states there is no evidence that its product environment or customer data has been breached, its massive use in both consumer and corporate environments makes any breach a significant concern as it would provide full access to internal networks.
In 2019, TeamViewer confirmed a 2016 breach linked to Chinese threat actors due to their use of the Winnti backdoor. The company said they did not disclose the breach at the time as data was not stolen in the attack.
Glenn Chisolm, Co-Founder, Obsidian had this to say:
“Identity compromise, which has been a driver in the TeamViewer incident, is a critical component of most breaches we see in customer environments, accounting for over 80% of SaaS breaches. We see TeamViewer deployed by 1-in-3 organizations – so ensuring that the breach is contained is the first big step for the company.
Our advice to customers to minimize identity compromises is to follow 3 crucial steps – a) centralize identity access behind an IdP — often many apps also have local users, and ensuring the right levels of security is much harder in a distributed setting, b) federated access supported with the right levels of MFA to elevate the security, and c) monitor and protect employee accounts, especially administrative accounts, against abnormal behavior — such as can result from spear phishing attacks, AiTM phishing, and more.”
TeamViewer is something that I have been strongly recommending against since their 2016 hack that they only admitted to three years later. This reinforces the fact that if you use TeamViewer, you should strongly consider using another product. Because TeamViewer clearly cannot be trusted.
Related
This entry was posted on June 29, 2024 at 10:01 am and is filed under Commentary with tags TeamViewer. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
TeamViewer Pwned Again
Today, TeamViewer, a large remote access and control software provider, has confirmed a data breach by the notorious hacker group Midnight Blizzard. The company’s statement confirmed the breach is tied to an employee’s credentials within its Corporate IT environment. Bleeping Computer has more details:
While TeamViewer states there is no evidence that its product environment or customer data has been breached, its massive use in both consumer and corporate environments makes any breach a significant concern as it would provide full access to internal networks.
In 2019, TeamViewer confirmed a 2016 breach linked to Chinese threat actors due to their use of the Winnti backdoor. The company said they did not disclose the breach at the time as data was not stolen in the attack.
Glenn Chisolm, Co-Founder, Obsidian had this to say:
“Identity compromise, which has been a driver in the TeamViewer incident, is a critical component of most breaches we see in customer environments, accounting for over 80% of SaaS breaches. We see TeamViewer deployed by 1-in-3 organizations – so ensuring that the breach is contained is the first big step for the company.
Our advice to customers to minimize identity compromises is to follow 3 crucial steps – a) centralize identity access behind an IdP — often many apps also have local users, and ensuring the right levels of security is much harder in a distributed setting, b) federated access supported with the right levels of MFA to elevate the security, and c) monitor and protect employee accounts, especially administrative accounts, against abnormal behavior — such as can result from spear phishing attacks, AiTM phishing, and more.”
TeamViewer is something that I have been strongly recommending against since their 2016 hack that they only admitted to three years later. This reinforces the fact that if you use TeamViewer, you should strongly consider using another product. Because TeamViewer clearly cannot be trusted.
Share this:
Like this:
Related
This entry was posted on June 29, 2024 at 10:01 am and is filed under Commentary with tags TeamViewer. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.