Cybersecurity Company Avast Breached by Hackers

It's Time to Change Your Perception of the Cybersecurity Professional

Threat actors breached the network of cybersecurity company Avast in a sophisticated cyber operation, referred to as “Abiss,” that likely attempted to poison the supply chain and target its anti-virus software, CCleaner.

According to a press release by the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) , the intruder made several attempts to gain access since May 14, 2019, using compromised credentials for a temporary VPN profile that was not protected with multi-factor authentication (MFA) Logs verified that the attacker achieved privilege escalation and had multiple sets of user credentials.

"In response to concerns that the attacker may have tampered with previous updates, CCleaner automatically updated users’ software on builds released after the initial intrusion attempt, closed the temporary VPN profile and disabled and reset all internal user credentials," says NJCCIC.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.