FWIW, APT35 explicitly targets the STDIT (RSA seed) file that is emailed to users during provisioning. It’s become standard practice by many APT groups now to use ediscovery searches to find these files wholesale.
Thank you! This is really interesting. When you're free, I'd love to hear more -- off the record, of course. Ping me via DM. Open to learn more.
Q: What do Chinese cyberspies say when they're caught hacking? A: Wocao!!! pic.twitter.com/jlPobw5YA6
...and @RSAsecurity did a clumsy job on developing a secure soft-token, once again. pic.twitter.com/ITtipaHVWC
As much as the incredible lack of security of the specific RSA SecurID implementation is concerning, this is not bypassing 2FA *at all*. Bit of an alarmist heading if they are generating valid 2FA codes by already having stolen the secret to generate the key. 1/2
Not exactly a cryptographic attack but an attack against cryptography.
@matthew_d_green will probably like this one.
With those tokens, they’re bound to a single user, so they’ve compromised one user account, not generating system-wide OTPs. Unless they’ve stolen ALL the soft tokens?
All you need is one user right? Get access to a box, start running shell escalation attempts, get access to sensitive data, find a network admin account, breach knowing faster targeted methods (you breached the softer target) and now you’re in. No?
Merry Christmas, @SGgrc