Community Edition
Total Tests:
This Week:
Today:
Recent Blog Posts
Four Iranian Hackers Charged With Cyberattacks On American Firms
April 25, 2024
An Ex-Amazon Security Engineer Gets 3 Years In Jail For Hacking And Crypto Theft
April 18, 2024
Hacker Fakes His Own Death To Avoid Child Support Payments
April 11, 2024
ATM Skimming Ring Leader Sentenced To 75 Months In Prison
April 4, 2024
German Authorities Dismantle the Nemezis Market Dark Web Marketplace
March 28, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

Comments On Chinese Hacker Group Bypassing 2FA To Hack Government Entities And MSPs

Information Security Buzz
Wednesday, December 25, 2019

Chinese state-sponsored hacker group APT20 has been bypassing two-factor authentication (2FA) in a recent wave of attacks, hacking government entities and managed service providers.

Ilia Kolochenko, Founder and CEO, ImmuniWeb

To attribute the attacks to the named group, we will probably need some supplementary evidence to ascertain who is truly behind these intrusions. Modern-day cybercriminals like to frame each other and using well-known cybercrime “brands” to hinder investigation.

Managed service providers (MSP) are an attractive target and usually have uncontrolled access to the most sensitive data or systems of the world largest financial institutions and organizations. Frequently, MSPs underestimate their own risks and try to save money on data protection and cybersecurity. Cybercriminals are well-aware of such a low-hanging fruit, which can bring a windfall without incurring much risk or spending considerable amount of effort. We should expect a rapid increase of targeted third-party breaches in 2020, aimed to compromised Western organizations and governments.

The allegedly bypassed 2FA has never been a panacea, as it is vulnerable to sophisticated hardware or software weaknesses, as well as to smart social engineering attacks. Continuous security monitoring and anomaly detection remain vital for organizations to detect obscure intrusions in a timely manner. Insecure web applications will remain the weakest link, providing an easy target to get into corporate networks via chained attacks.

Comprehensive web asset inventory, patch management processes and a WAF are the very basic but must-have controls to prevent at least the most widespread attack vectors and exploitation techniques targeting web applications. Read Full Article


Previous Media Publications:

Software Testing NEWS: “You don’t need to have a Master’s Degree in cybersecurity to follow your common sense.”- Kolochenko’s interview part two

Infosecurity Magazine: Comments On London’s Met Police Splash The Cash On e-learning “cyber” Training For 4K Staffers

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
Your data will stay private and confidential