Stories
Slash Boxes
Comments

SoylentNews is people

Avast Says Hackers Breached Internal Network Through Compromised VPN Profile

posted by janrinok on Wednesday October 23 2019, @01:21AM   Printer-friendly
from the out-cybered-by-outsiders dept.

upstart writes:

Submitted via IRC for SoyCow9088

Avast says hackers breached internal network through compromised VPN profile

Czech cyber-security software maker Avast disclosed today a security breach that impacted its internal network.

In a statement published today, the company said it believed the attack's purpose was to insert malware into the CCleaner software, similar to the infamous CCleaner 2017 incident.

Avast said the breach occurred because the attacker compromised an employee's VPN credentials, gaining access to an account that was not protected using a multi-factor authentication solution.

The intrusion was detected on September 23, but Avast said it found evidence of the attacker targeting its infrastructure going as far back as May 14, this year.

"The user, whose credentials were apparently compromised [...], did not have domain admin privileges. However, through a successful privilege escalation, the actor managed to obtain domain admin privileges," said Jaya Baloo, Avast Chief Information Security Officer (CISO).

This sudden access rights elevation prompted the company to investigate, Baloo told ZDNet in an email today.

Staff eventually tracked down other security alerts inside Avast's ATA dashboard, alerts that engineers previously ignored, thinking they were false positives. ATA stands for Microsoft Advanced Threat Analytics, an on-premise network parsing engine and traffic analysis system that Microsoft sells to enterprises in order to protect internal networks from malicious attacks triggered from inside.

The alert showed that the compromised user account replicated Avast's Active Directory service, an effective digital map of the company's internal network.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Avast Says Hackers Breached Internal Network Through Compromised VPN Profile | Log In/Create an Account | Top | 15 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: -1, Troll) by Anonymous Coward on Wednesday October 23 2019, @01:51AM (10 children)

    by Anonymous Coward on Wednesday October 23 2019, @01:51AM (#910629)

    Use an empty password, said Richard Stallman. We don't need security, said Richard Stallman. Total surveillance will promote good behavior, said Richard Stallman. Pedophilia isn't a real thing, said Richard Stallman.

    Starting Score:    0  points
    Moderation   -1  
       Troll=1, Total=1
    Extra 'Troll' Modifier   0  
    Total Score:   -1  

  • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @02:01AM (5 children)

    by Anonymous Coward on Wednesday October 23 2019, @02:01AM (#910631)

    > Use an empty password, said Richard Stallman.

    This "quote" (above) I believe is true, and made perfect sense on the shared computers at the AI Lab. Their ITS OS also had a convenient "kill system" command which did a great job of taking all the fun out of bringing down the system--gently nudging new and inquisitive users to focus their talents in other directions (working out how to kill the system was a popular newbie pastime back then)...but that was then and things are much different now.

    Not so sure about your other "quotes", do you have citations?

    • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @02:21AM (4 children)

      by Anonymous Coward on Wednesday October 23 2019, @02:21AM (#910636)

      Because I don't believe that it's really desirable to have security on a computer, I shouldn't be willing to help uphold the security regime. On the systems that permit it I use the “empty password”, and on systems where that isn't allowed, or where that means you can't log in at all from other places, things like that, I use my login name as my password.

      But the ITS machines had certain other features that helped prevent this from getting out of hand, one of these was the “spy” feature, where anybody could watch what anyone else was doing. And of course tourists loved to spy, they think it's such a neat thing, it's a little bit naughty you see, but the result is that if any tourist starts doing anything that causes trouble there's always somebody else watching him. So pretty soon his friends would get very mad because they would know that the continued existence of tourism depended on tourists being responsible.

      https://www.gnu.org/philosophy/stallman-kth.html [gnu.org]

      The first target of this censorship is sites and newsgroups that supposedly contain "child pornography". This term is dishonest, since the law defines "child" as "anyone under 18". For instance, Americans of age 16 are hardly children. They are sexually mature, almost half of them have had sex, and any normal adult will find them attractive. But our government calls them "children", with the implication that being attracted to them makes you a pervert.

      https://stallman.org/archives/2006-mar-jun.html [stallman.org]

      • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @02:46AM (3 children)

        by Anonymous Coward on Wednesday October 23 2019, @02:46AM (#910644)

        Regardless of your pearl clutching, censorship and its advocates are always evil and far more offensive than any content you will find anywhere.

        Besides, he's right. Pedophilia is a cultural thing. If you want real pedophilia, go to one of Kissinger's dinner parties!

        • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @03:12AM (2 children)

          by Anonymous Coward on Wednesday October 23 2019, @03:12AM (#910654)

          You have nothing to say of advocacy for total surveillance? A spying society is a responsible society. It worked for Communist East Germany, and it worked for Communist Richard Stallman.

          • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @06:46AM (1 child)

            by Anonymous Coward on Wednesday October 23 2019, @06:46AM (#910690)

            It sure doesn't look like he's advocating for total surveillance of all of society to me.

            • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @07:04AM

              by Anonymous Coward on Wednesday October 23 2019, @07:04AM (#910694)

              If everyone's cards are on the table then it's easy to run an honest game. That is why so many games, including real life have paths to cheat or 'oversights' built into the rules. Information asymmetry is how the informed become stronger and the uninformed become weaker.

  • (Score: -1, Troll) by Anonymous Coward on Wednesday October 23 2019, @02:29AM (3 children)

    by Anonymous Coward on Wednesday October 23 2019, @02:29AM (#910639)

    Show us Buzzard's cock!

    • (Score: 2) by c0lo on Wednesday October 23 2019, @02:48AM (2 children)

      by c0lo (156) Subscriber Badge on Wednesday October 23 2019, @02:48AM (#910645) Journal

      Just be careful what you wish for, will ye?

      Buzzard's cock may want to be free (or maybe not), but even if so this doesn't make "information" from it.

      --
      https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford

      • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @03:07AM (1 child)

        by Anonymous Coward on Wednesday October 23 2019, @03:07AM (#910650)

        The information is CCleaner can't clean Buzzard's cock.

        • (Score: 2) by c0lo on Wednesday October 23 2019, @06:14AM

          by c0lo (156) Subscriber Badge on Wednesday October 23 2019, @06:14AM (#910679) Journal

          <pedantic hat="on">That's data, not information</pedantic>

          --
          https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford