
FBI’s alert warns about using Windows 7 and TeamViewer


The FBI is warning companies about the use of out-of-date Windows 7 systems, desktop sharing software TeamViewer, and weak account passwords.

This week the FBI issued a Private Industry Notification (PIN) alert to warn companies about the risks of using out-of-date Windows 7 systems, poor account passwords, and desktop sharing software TeamViewer.

The alert comes after the recent attacks on the Oldsmar water treatment plant’s network, where attackers tried to raise levels of sodium hydroxide by a factor of more than 100. The investigation into the incident revealed that operators at the plant were using out-of-date Windows 7 systems and poor account passwords, and that the attackers used the desktop sharing software TeamViewer to breach the plant’s network.

“The attempt on Friday was thwarted. The hackers remotely gained access to a software program, named TeamViewer, on the computer of an employee at the facility for the town of Oldsmar to gain control of other systems, Sheriff Bob Gualtieri said in an interview,” Reuters reported.

The alert urges organizations to review internal networks and mitigate the risks posed by the above factors.

“Beyond its legitimate uses, TeamViewer allows cyber actors to exercise remote control over computer systems and drop files onto victim computers, making it functionally similar to Remote Access Trojans (RATs),” states the FBI’s PIN alert. “TeamViewer’s legitimate use, however, makes anomalous activity less suspicious to end users and system administrators compared to typical RATs.”

The FBI alert warns of the abuse of desktop sharing software like TeamViewer: threat actors could abuse it to access a target network once they have obtained the login credentials of its employees. Below are the recommendations provided by the alert:

TeamViewer Software Recommendations

For a more secured implementation of TeamViewer software:

  • Do not use unattended access features, such as “Start TeamViewer with Windows” and “Grant easy access.”
  • Configure TeamViewer service to “manual start,” so that the application and associated background services are stopped when not in use.
  • Set random passwords to generate 10-character alphanumeric passwords.
  • If using personal passwords, utilize complex rotating passwords of varying lengths. Note: TeamViewer allows users to change connection passwords for each new session. If an end user chooses this option, never save connection passwords as an option as they can be leveraged for persistence.

The FBI alert also warns of the risk of using the Windows 7 operating system, which reached end-of-life on January 14, 2020.

“Continued use of Windows 7 increases the risk of cyber actor exploitation of a computer system,” continues the alert. “Cyber actors continue to find entry points into legacy Windows operating systems and leverage Remote Desktop Protocol (RDP) exploits.”

The alert warns of cyber actors often using misconfigured or improperly secured RDP access controls to conduct cyber-attacks.

Below are the general recommendations provided by the FBI:

  • Update to the latest version of the operating system (e.g. Windows 10).
  • Use multiple-factor authentication.
  • Use strong passwords to protect Remote Desktop Protocol (RDP) credentials.
  • Ensure anti-virus, spam filters, and firewalls are up to date, properly configured and secure.
  • Audit network configurations and isolate computer systems that cannot be updated.
  • Audit your network for systems using RDP, closing unused RDP ports, applying multiple-factor authentication wherever possible, and logging RDP login attempts.
  • Audit logs for all remote connection protocols.
  • Train users to identify and report attempts at social engineering.
  • Identify and suspend access of users exhibiting unusual activity
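
Several of the recommendations above can be checked on a single Windows host. The following PowerShell audit is an added example, not part of the FBI alert or the original article. It assumes the TeamViewer service name begins with "TeamViewer" and that the script runs in an elevated session so the Security log is readable.

```powershell
# Added example: read-only audit of one Windows host (run elevated).
# Assumption: the TeamViewer Windows service name starts with "TeamViewer".
$report = [ordered]@{}

# 1. TeamViewer: the alert asks for "manual start" instead of automatic start.
$tv = Get-CimInstance Win32_Service -Filter "Name LIKE 'TeamViewer%'"
$report.TeamViewerServices  = @($tv | Select-Object Name, StartMode, State)
$report.TeamViewerAutoStart = [bool]($tv | Where-Object StartMode -eq 'Auto')

# 2. RDP exposure: fDenyTSConnections = 0 means the host accepts RDP sessions.
#    UserAuthentication = 1 means Network Level Authentication is required.
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdp = Get-ItemProperty -Path "$ts\WinStations\RDP-Tcp"
$report.RdpEnabled  = (Get-ItemProperty -Path $ts).fDenyTSConnections -eq 0
$report.RdpPort     = $rdp.PortNumber
$report.NlaRequired = $rdp.UserAuthentication -eq 1

# 3. Failed logons (Security event 4625) in the last 7 days, by source address.
#    LogonType 10 = RemoteInteractive (RDP). With NLA enabled, failures are
#    logged as type 3 (network), which also includes non-RDP network logons.
$filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddDays(-7) }
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
$failed = foreach ($evt in $events) {
    # Read fields by name from the event XML instead of relying on positions.
    $data = @{}
    foreach ($d in ([xml]$evt.ToXml()).Event.EventData.Data) {
        $data[$d.Name] = $d.'#text'
    }
    if ($data.LogonType -in '10', '3') {
        [pscustomobject]@{
            Time      = $evt.TimeCreated
            User      = $data.TargetUserName
            LogonType = $data.LogonType
            Source    = $data.IpAddress
        }
    }
}
$report.FailedRemoteLogons = @($failed | Group-Object Source |
    Sort-Object Count -Descending | Select-Object Count, Name -First 10)

# Remediation for item 1, left commented out so the audit stays read-only:
# $tv | ForEach-Object {
#     Set-Service -Name $_.Name -StartupType Manual
#     Stop-Service -Name $_.Name
# }

[pscustomobject]$report | Format-List
```

A host that reports `TeamViewerAutoStart : True`, or `RdpEnabled : True` with `NlaRequired : False`, is out of line with the recommendations listed above.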


Pierluigi Paganini

(SecurityAffairs – hacking, FBI)
