Cyber Security

APTs target MSP access to customer networks – Week in security with Tony Anscombe

The recent compromise of the networks of several companies via the abuse of a remote access tool used by MSPs exemplifies why state-aligned threat actors should be on the radars of IT service providers

Managed service providers (MSPs) that don’t consider themselves targets for state-aligned threat actors may need to think again. While many people may associate advanced persistent threat (APT) groups with cyberespionage targeting only state agencies and large corporations, the fact is that some of these groups have increasingly been setting their sights on managed service providers (MSPs) with an eye towards ultimately targeting their customers.

Case in point: earlier this week, we wrote about how an Iran-aligned APT group called MuddyWater had gained access to the networks of several companies by abusing a remote access tool used by MSPs.

Articles You May Like

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
Budworm APT Evolves Toolset, Targets Telecoms and Government
VW bails on its plan for a $2.1B EV plant in Germany
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
Building an equitable cap table puts more tools in a startup’s toolbox

Leave a Reply

Your email address will not be published. Required fields are marked *