AnyDesk says hackers breached its production servers, resets passwords (www.bleepingcomputer.com)

submitted 8 months ago by 0x4E4F@lemmy.dbzer0.com to c/cybersecurity@sh.itjust.works

10 comments fedilink hide all child comments

top 10 comments

sorted by: hot top controversial new old

[-] flathead@lemm.ee 22 points 8 months ago

"We can confirm that the situation is under control and it is safe to use AnyDesk."

Yeah, nah.

[-] adamkempenich@lemmy.world 3 points 8 months ago

Any other recommendations aside from TeamViewer? AnyDesk has been getting worse with each update. Can’t even use a free account to have a dedicated hostname anymore…

[-] jasep@lemmy.world 12 points 8 months ago* (last edited 8 months ago)

An open source option is RustDesk

https://github.com/rustdesk/rustdesk

https://rustdesk.com

I use it, I like it.

[-] 0x4E4F@lemmy.dbzer0.com 5 points 8 months ago* (last edited 8 months ago)

The owners are sketchy and they have closed source pro features (which was expected to be honest). They also don't like criticism and ban accounts on reddit for questioning some of their practices (like why has a vulnerability PR not been merged for more than a year). I should know, they banned me from their subreddit for asking this and deleted my comment. I later found out that this was common practice with them.

[-] ryannathans@aussie.zone 2 points 8 months ago

Isn't that run by some dodgy chinese firm

[-] kn33@lemmy.world 3 points 8 months ago

I really like ScreenConnect.

[-] spaghettiwestern@sh.itjust.works 12 points 8 months ago* (last edited 8 months ago)

At least Anydesk didn't take Teamviewer's approach and deny the breach for 3 years while blaming their customers for the problem, but it's time to rethink using these remote access apps.

In the past year for personal use I've moved to VNC and Nomachine server apps that are inaccessible from the Internet without first activating a Wireguard tunnel. The tunnel ports don't even appear to be open when scanned. Hopefully this setup offers more security than relying on a company to make sure their systems are up to date.

[-] 0x4E4F@lemmy.dbzer0.com 1 points 8 months ago

Doesn't mean their systems are not up to date, it just means that a security hole has been discovered. Hopefully, it's patched now.

My biggest concern is them having the source.

[-] spaghettiwestern@sh.itjust.works 1 points 8 months ago

Doesn’t mean their systems are not up to date...

IMO we will never know. Every company has a vested interest in hiding the cause of a breach if it makes them look bad.

[-] Illecors@lemmy.cafe 1 points 8 months ago

Yay... :(

this post was submitted on 02 Feb 2024

56 points (100.0% liked)

Cybersecurity

5554 readers

162 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social