Resecurity CEO Charles Yoo breaks down the Citrix hack, Iranian group IRIDIUM and how the firm suddenly burst into the spotlight
Resecurity was confident in its claims that IRIDIUM had perpetrated the Citrix hack – as well as other high-profile cyber-attacks. Yoo says the name “IRIDIUM” was assigned by Resecurity internally.
“The most active period of their visibility and malicious activity was during winter 2018, when we alerted several large enterprises regarding malicious activity directed by the group,” says Yoo.
1 financial institution in the US
1 utility company in the US
4 ministries of foreign affairs in the Middle East
So how was the group identified? “Interestingly, some of their members have been identified as the result of Dark Web monitoring,” says Yoo.
He points out that in all observed cases of the group’s activity, the end victim has been attacked through “password spraying”, with further attempts to escalate privileges and conduct network intrusion through sign-on, VPN or other available channels, leading to massive data exfiltration. Malicious cyber actors are increasingly using a style of brute force attack known as password spraying against organizations in the United States and abroad, says Yoo.
Password spray campaigns typically target SSO and cloud-based applications utilizing federated authentication protocols, says Yoo. “An actor may target this specific protocol because federated authentication can help mask malicious traffic. Additionally, by targeting SSO applications, malicious actors hope to maximize access to intellectual property during a successful compromise.”
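For defenders, password spraying leaves a recognisable shape in sign-in logs: one source failing against many different accounts with only a try or two each, unlike classic brute force against a single account. The sketch below is an added example, not Resecurity's tooling; the log format, thresholds, addresses and account names are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sign-in log (time, source IP, account, outcome); not real data.
SAMPLE_LOG = """\
2019-01-10T09:00:05 198.51.100.7 alice FAIL
2019-01-10T09:00:41 198.51.100.7 bob FAIL
2019-01-10T09:01:17 198.51.100.7 carol FAIL
2019-01-10T09:01:52 198.51.100.7 dan FAIL
2019-01-10T09:02:30 198.51.100.7 eve FAIL
2019-01-10T09:03:04 198.51.100.7 frank SUCCESS
2019-01-10T09:10:00 203.0.113.20 grace FAIL
2019-01-10T09:10:03 203.0.113.20 grace FAIL
2019-01-10T09:10:06 203.0.113.20 grace FAIL
2019-01-10T09:10:09 203.0.113.20 grace FAIL
2019-01-10T09:15:00 192.0.2.44 heidi FAIL
2019-01-10T09:15:20 192.0.2.44 heidi SUCCESS
"""

def parse(log):
    """Turn log text into time-sorted (datetime, source, account, outcome) tuples."""
    rows = (line.split() for line in log.splitlines() if line.strip())
    return sorted((datetime.fromisoformat(ts), src, user, res) for ts, src, user, res in rows)

def find_spray_sources(events, window=timedelta(minutes=30), min_accounts=5, max_per_account=2):
    """Flag sources whose failures within one window hit many accounts, few tries each."""
    failures = defaultdict(list)
    for ts, src, user, res in events:
        if res == "FAIL":
            failures[src].append((ts, user))
    flagged = {}
    for src, fails in failures.items():
        start = 0
        for end, (ts, _) in enumerate(fails):
            while ts - fails[start][0] > window:  # slide the window forward
                start += 1
            tries = Counter(user for _, user in fails[start:end + 1])
            if len(tries) >= min_accounts and max(tries.values()) <= max_per_account:
                flagged[src] = sorted(tries)  # accounts targeted in this window
                break
    return flagged

def logins_from_flagged(events, flagged):
    """Accounts that signed in successfully from a flagged source (review first)."""
    return sorted({u for _, src, u, res in events if res == "SUCCESS" and src in flagged})

if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    spray = find_spray_sources(events)
    print(spray, logins_from_flagged(events, spray))
```

The repeated failures against one account (203.0.113.20) and the single mistyped password (192.0.2.44) are not flagged; the successful sign-in from the flagged source is the account to investigate first.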