Readit News logoReadit News
Posted by u/matbilodeau a year ago
'Copycat' websites targeted in court battle with pirate Soap2Day streamerscbc.ca/news/canada/britis...
Posted by u/matbilodeau 2 years ago
Airbnb is banning indoor security camerastheverge.com/2024/3/11/24...
Posted by u/matbilodeau 2 years ago
Canada Supreme Court rules police need warant to get a person's IP addresscbc.ca/news/politics/supr...
Posted by u/matbilodeau 2 years ago
City Council Unwittingly Approves Pirate IPTV Scheme and Documents Everythingtorrentfreak.com/city-cou...
matbilodeau commented on Canada to ban the Flipper Zero to stop surge in car thefts   bleepingcomputer.com/news... · Posted by u/matbilodeau
matbilodeau · 2 years ago
Continuation of https://news.ycombinator.com/item?id=39308731
Posted by u/matbilodeau 2 years ago
Canada to ban the Flipper Zero to stop surge in car theftsbleepingcomputer.com/news...
Posted by u/matbilodeau 2 years ago
Canadian government banning Flipper Zero to combat auto theftcanada.ca/en/public-safet...
matbilodeau commented on Remote access giant AnyDesk resets passwords and revokes certificates after hack   techcrunch.com/2024/02/05... · Posted by u/impish9208
ThePowerOfFuet · 2 years ago
If (huge if!) those screen shots are legit, then Anydesk was storing passwords in cleartext or equivalent; many of them are far too random to be bruteforced so quickly.

The last one, where both the domain name and password start with QR, makes me think the screenshots might actually be legit.

matbilodeau · 2 years ago
Seen on Breach Forums onion site as well ...
matbilodeau commented on Remote access giant AnyDesk resets passwords and revokes certificates after hack   techcrunch.com/2024/02/05... · Posted by u/impish9208
ziddoap · 2 years ago
>AnyDesk did not respond to questions asking if any customer data was accessed, though the company said in its statement that there is “no evidence that any end-user systems have been affected.”

In my experience, this answer is equivalent to "Yes, customer data was accessed".

If it wasn't, they'd say something like "We have no reason to believe customer data was accessed", instead of trying to shift the focus to whether or not end-user systems were caught up in the blast radius.

matbilodeau · 2 years ago
there are accounts for sale https://securityonline.info/anydesk-breach-2024-dark-web-sal...
matbilodeau commented on AnyDesk Incident Response 2-2-2024   anydesk.com/en/public-sta... · Posted by u/matbilodeau
matbilodeau · 2 years ago
The ramifications of this breach are profound. Cybercriminals who gained access to the AnyDesk portal could glean valuable information about customers, including license keys, active connections, session durations, contact information, email addresses, and the number of managed remote access hosts, all with their online/offline status and IDs. Such details open up a plethora of malicious possibilities.

In light of this breach, AnyDesk customers must take proactive steps to protect their accounts and data. Password changes alone are insufficient. AnyDesk offers a whitelist feature, enabling users to specify who can connect to their devices, adding an extra layer of security. Multi-factor authentication (MFA) is strongly recommended to enhance account protection. Organizations should also monitor for any unexpected password and MFA changes, suspicious sessions, and emails referencing AnyDesk accounts from unknown sources.

https://securityonline.info/anydesk-breach-2024-dark-web-sal...

m

u/matbilodeau

KarmaCake day913April 16, 2017
About
for the cheese https://hnbadges.netlify.app/?user=matbilodeau

Kismet : 8d240f87745707dbd7b48d0b1880574ec79561cb6a9a3d028cc86dcb5c1ac28e

[ my public key: https://keybase.io/matbilodeau; my proof: https://keybase.io/matbilodeau/sigs/8N_WF2kRQFQAl6qh4SM_BRVHPxnEGINrpKeihn0VR94 ]

View Original