Security News > 2019 > December > Chinese Hackers Bypassing Two-Factor Authentication
2019-12-26 12:19
Interesting story of how a Chinese state-sponsored hacking group is bypassing the RSA SecurID two-factor authentication system. How they did it remains unclear; although, the Fox-IT team has their theory. They said APT20 stole an RSA SecurID software token from a hacked system, which the Chinese actor then used on its computers to generate valid one-time codes and bypass 2FA...
News URL
https://www.schneier.com/blog/archives/2019/12/chinese_hackers_1.html
Related news
- Chinese hackers use new data theft malware in govt attacks (source)
- Chinese hackers linked to cybercrime syndicate arrested in Singapore (source)
- WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers (source)
- Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware (source)
- Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign (source)
- Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain (source)
- US says Chinese hackers breached multiple telecom providers (source)
- Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Sophos reveals 5-year battle with Chinese hackers attacking network devices (source)