Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday October 23 2019, @01:21AM   Printer-friendly
from the out-cybered-by-outsiders dept.

Submitted via IRC for SoyCow9088

Avast says hackers breached internal network through compromised VPN profile

Czech cyber-security software maker Avast disclosed today a security breach that impacted its internal network.

In a statement published today, the company said it believed the attack's purpose was to insert malware into the CCleaner software, similar to the infamous CCleaner 2017 incident.

Avast said the breach occurred because the attacker compromised an employee's VPN credentials, gaining access to an account that was not protected using a multi-factor authentication solution.

The intrusion was detected on September 23, but Avast said it found evidence of the attacker targeting its infrastructure going as far back as May 14, this year.

"The user, whose credentials were apparently compromised [...], did not have domain admin privileges. However, through a successful privilege escalation, the actor managed to obtain domain admin privileges," said Jaya Baloo, Avast Chief Information Security Officer (CISO).

This sudden access rights elevation prompted the company to investigate, Baloo told ZDNet in an email today.

Staff eventually tracked down other security alerts inside Avast's ATA dashboard, alerts that engineers previously ignored, thinking they were false positives. ATA stands for Microsoft Advanced Threat Analytics, an on-premise network parsing engine and traffic analysis system that Microsoft sells to enterprises in order to protect internal networks from malicious attacks triggered from inside.

The alert showed that the compromised user account replicated Avast's Active Directory service, an effective digital map of the company's internal network.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @03:12AM (2 children)

    by Anonymous Coward on Wednesday October 23 2019, @03:12AM (#910654)

    You have nothing to say of advocacy for total surveillance? A spying society is a responsible society. It worked for Communist East Germany, and it worked for Communist Richard Stallman.

  • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @06:46AM (1 child)

    by Anonymous Coward on Wednesday October 23 2019, @06:46AM (#910690)

    It sure doesn't look like he's advocating for total surveillance of all of society to me.

    • (Score: 0) by Anonymous Coward on Wednesday October 23 2019, @07:04AM

      by Anonymous Coward on Wednesday October 23 2019, @07:04AM (#910694)

      If everyone's cards are on the table then it's easy to run an honest game. That is why so many games, including real life have paths to cheat or 'oversights' built into the rules. Information asymmetry is how the informed become stronger and the uninformed become weaker.