SoatDev IT Consulting
SoatDev IT Consulting
  • About us
  • Expertise
  • Services
  • How it works
  • Contact Us
  • News
  • January 19, 2024
  • Rss Fetcher

IT administrators allow remote access software like Zoho Assist, TeamViewer VNC Connect, Windows RDP and AnyDesk to help employees do their work away from the office.
Unfortunately, those products can also be useful to hackers, who try to leverage poorly-secured applications like these on computers to also get (unapproved) access into enterprise networks. Which is why these utilities have to be locked down.
The latest example of failing to do that comes in a report from researchers at Huntress, who recently discovered that two endpoints at unnamed organizations had been encrypted with ransomware through compromised TeamViewer software.
Logs suggest the attacker in each case was the same, Huntress staff said in a blog. On both endpoints, the initial ransomware deployment started with a DOS batch file run from the hacked user’s desktop.
Fortunately, security software on one computer limited the number of files that were encrypted. And in neither instance was there any indication the threat actor conducted reconnaissance beyond the impacted endpoint, nor attempted to move laterally to other endpoints within the infrastructure.
There have been several reports of attackers using TeamViewer and other remote access tools to their advantage. In December, Microsoft disabled Windows App Installer because threat actors were using it to trick people trying to download legitimate versions of TeamView, AnyDesk and other utilities.
Last summer, cybersecurity agencies from seven countries warned that the LockBit ransomware gang either leveraged existing installations of TeamViewer and other tools or added them to compromised IT systems.
“Threat actors look for any available means of access to individual endpoints to wreak havoc and possibly extend their reach further into the infrastructure,” Huntress warned, which is why IT administrators need a thorough inventory of software under their control so they can apply security policies.The post Lock down TeamViewer or pay a price first appeared on IT World Canada.

Previous Post
Next Post

Recent Posts

  • Still no AI-powered, ‘more personalized’ Siri from Apple at WWDC 25
  • Here’s what’s coming to macOS Tahoe
  • Apple brings back tabs to the Photos app in iOS 26
  • OpenAI claims to have hit $10B in annual revenue
  • From spatial widgets to realistic Personas: All the visionOS updates Apple announced at WWDC 

Categories

  • Industry News
  • Programming
  • RSS Fetched Articles
  • Uncategorized

Archives

  • June 2025
  • May 2025
  • April 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023

Tap into the power of Microservices, MVC Architecture, Cloud, Containers, UML, and Scrum methodologies to bolster your project planning, execution, and application development processes.

Solutions

  • IT Consultation
  • Agile Transformation
  • Software Development
  • DevOps & CI/CD

Regions Covered

  • Montreal
  • New York
  • Paris
  • Mauritius
  • Abidjan
  • Dakar

Subscribe to Newsletter

Join our monthly newsletter subscribers to get the latest news and insights.

© Copyright 2023. All Rights Reserved by Soatdev IT Consulting Inc.