Resecurity CEO Charles Yoo breaks down the Citrix hack, Iranian group IRIDIUM and how the firm suddenly burst into the spotlight
Resecurity was confident in its claims that IRIDIUM had perpetrated the Citrix hack – as well as other high-profile cyber-attacks. Yoo says the name “IRIDIUM” was assigned by Resecurity internally.
“The most active period of their visibility and malicious activity was during winter 2018, when we alerted several large enterprises regarding malicious activity directed by the group,” says Yoo.

1 financial institution in the US
1 utility company in the US
4 ministries of foreign affairs in the Middle East

So how was the group identified? “Interestingly, some of their members have been identified as the result of Dark Web monitoring,” says Yoo.
He points out that in all observed cases of the group’s activity, the end victim has been attacked through “password spraying”, with further attempts to escalate privileges and conduct network intrusion through sign-on, VPN or other available channels, leading to massive data exfiltration. Malicious cyber actors are increasingly using a style of brute force attack known as password spraying against organizations in the United States and abroad, says Yoo.
Password spray campaigns typically target SSO and cloud-based applications utilizing federated authentication protocols, says Yoo. “An actor may target this specific protocol because federated authentication can help mask malicious traffic. Additionally, by targeting SSO applications, malicious actors hope to maximize access to intellectual property during a successful compromise.”
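For defenders reviewing SSO or VPN sign-in logs, the pattern described above can be searched for directly. The following is an added example, not code from Resecurity or from the article: it flags any source that fails against many distinct accounts with only a few guesses per account, and lists the successful sign-ins from that source. The event format, thresholds and sample data are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in events: (ISO timestamp, source IP, username, success)
EVENTS = [
    ("2019-03-01T09:00:00", "203.0.113.7", "alice", False),
    ("2019-03-01T09:02:00", "203.0.113.7", "bob", False),
    ("2019-03-01T09:04:00", "203.0.113.7", "carol", False),
    ("2019-03-01T09:06:00", "203.0.113.7", "dave", False),
    ("2019-03-01T09:08:00", "203.0.113.7", "erin", False),
    ("2019-03-01T09:10:00", "203.0.113.7", "frank", True),
    # One user retrying a forgotten password: many failures, a single account
    *[(f"2019-03-01T09:0{i}:30", "198.51.100.20", "alice", False) for i in range(6)],
    ("2019-03-01T09:06:30", "198.51.100.20", "alice", True),
    # Ordinary typo followed by a good sign-in
    ("2019-03-01T10:00:00", "192.0.2.5", "bob", False),
    ("2019-03-01T10:00:20", "192.0.2.5", "bob", True),
]

def detect_spray(events, window=timedelta(minutes=30),
                 min_accounts=5, max_per_account=2):
    """Return {source: {"targets": [...], "successes": [...]}} for spray-like sources."""
    fails, wins = defaultdict(list), defaultdict(set)
    for ts, src, user, ok in events:
        if ok:
            wins[src].add(user)
        else:
            fails[src].append((datetime.fromisoformat(ts), user))
    findings = {}
    for src, attempts in fails.items():
        attempts.sort()
        start = 0
        for end in range(len(attempts)):
            # Slide the window so it never spans more than `window` of time
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            per_user = Counter(user for _, user in attempts[start:end + 1])
            # Spray signature: many accounts, few guesses against each one
            if len(per_user) >= min_accounts and max(per_user.values()) <= max_per_account:
                # Successful sign-ins from the same source need review first
                findings[src] = {"targets": sorted(per_user),
                                 "successes": sorted(wins[src])}
                break
    return findings

if __name__ == "__main__":
    for source, detail in detect_spray(EVENTS).items():
        print(source, detail)
```

Grouping by source address is the simplest form of this check; the same counting can be keyed on user agent or federated application when failures arrive from many addresses.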