

Remote Access as a Command and Control Channel

MITRE Tactics: TA0007 Discovery, TA0006 Credential Access, TA0011 Command and Control

It should be stated at the outset that TeamViewer is NOT malware.

TeamViewer is a proprietary software application for remote control, desktop sharing, online meetings, web conferencing and file transfer between computers. It is a useful and widely used platform that gives users remote access to computer systems. Because of its widespread use and powerful features, it has become a popular attack vector for compromising network assets. Historically, many systems and networks have been compromised using TeamViewer as an entry point. The most recent public disclosure happened only days ago, when an attacker gained access through the TeamViewer application and attempted to poison a Florida city’s water supply by manipulating an industrial control system.

A good number of these application compromises are achieved by cracking user credentials. One of the quickest and easiest defenses against this is to implement strong, long application passwords. By default, TeamViewer generates a random 6-character password for remote connections. The user can easily change this to anything desired, and a minimum password length of 16 characters is a good start. This does not entirely solve the problem, but at the least it makes the password harder to crack. There will continue to be discussions and increased hardening measures concerning internet-facing applications such as these. However, our focus here is on the network traffic and indications of nefarious communications.
