noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

ARS Pharmaceuticals Inc.

ARS Pharmaceuticals Announces EURneffy (adrenaline nasal spray)[...]
Orange and Rockland Utilities Inc.

O&R Estimates Remaining Customers to Be Restored by 11:00 P.M. Tonight[...]
ARS Pharmaceuticals Inc.

Material Event Form 8 K

Technology

NCC Group plc

06/28/2024 | Press release | Distributed by Public on 06/28/2024 04:55

Threat Intelligence: TeamViewer compromised by APT29

On Thursday 27th June, NCC Group received intelligence to suggest that TeamViewer, one of the largest remote access and control software providers, had been compromised by Advanced Persistent Threat (APT) group 29. Due to the widespread usage of TeamViewer, we issued an alert to our customers under TLP:AMBER-STRICT. We have since revised the handling conditions of this intelligence to TLP:GREEN.

APT29, also known as Cozy Bear, The Dukes, and CozyDuke, is a cyber-espionage group that is associated with the Russian Foreign Intelligence Service (SVR). APT29 has been linked to cyberattacks and intelligence gathering operations targeting government, military, think tanks, and other organisations globally.

Matt Hull, Global Head of Threat Intelligence commented: "NCC group is continuing its investigation into this intelligence and attempting to establish the extent of the APT's activities. We will continue sharing detailed attack information with the relevant stakeholders that are affected by this threat actor. Our SOC teams have been placed on heightened alert for activity associated with TeamViewer.

"We advise that until further details are known about the type of compromise TeamViewer has been subjected too, removal of TeamViewer from your estate will assist in mitigating any potential compromise via this vector. We also recommend reviewing hosts that have this installed for unusual behaviour that might suggest it has already been compromised. If you are unable to remove the application, then placing those hosts with it installed under heightened monitoring may provide you with further assurance."

In an official announcement, TeamViewer confirmed that on Wednesday, June 26, 2024, their security team identified an irregularity within their internal corporate IT systems. As a response, the company promptly activated a dedicated team, initiated investigations, and implemented essential remediation measures.

Subscribe to our monthly reports and webinars for the latest on recent and emerging advances in the threat landscape and a deep understanding of the latest Tactics, Techniques and Procedures (TTPs) of threat actors.

Sharing and Personal Tools

Please select the service you want to use: