The fixes included patches for a zero-day vulnerability under active exploitation, as well as over 80 other patches for vulnerabilities. Microsoft recently issued security patches to resolve some aspects of the SolarWinds attack as part of its January 2021 Patch Tuesday.

That's not forgetting that the first inkling of the SolarWinds attack came in early December 2020, when leading cybersecurity firm FireEye was hit with a nation-state attack, now presumed to be part of SolarWinds. Although Malwarebytes was made aware of the potential of an exploit in December 2020, it has taken over a month for confirmation.

The threat actor combined numerous exploits and attack vectors to compromise numerous high-profile targets, including several US government agencies, Microsoft, and other high-profile tech companies.

The SolarWinds Victim Count Continues Rising

As a recent CISA post states, SolarWinds was just one attack vector for this enormous attack.

We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments. Malwarebytes products remain safe. After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails.

Malwarebytes was keen to stress that none of its consumer-facing products were affected and that the attackers gained access to a very limited amount of internal email data. The attackers specifically exploited a dormant email protection product. The Microsoft Security Response Center had previously flagged suspicious activity stemming from a dormant aspect of Malwarebytes' Office 365 environment on 15 December. Even though they do not use SolarWinds, the attacker targeted Malwarebytes using an alternative attack vector, abusing "applications with privileged access to Microsoft Office 365 and Azure environments."
In a post on the official Malwarebytes blog, the cybersecurity company confirmed that the "nation state attack leveraging software from SolarWinds has caused a ripple effect throughout the security industry." Caught in the ripple is Malwarebytes.

Malwarebytes Caught Up in SolarWinds Attack

FireEye told Insider on Tuesday that its researchers are seeing new incursions from the SolarWinds attacks, including hacking into companies' Microsoft 365 email. Here's what Malwarebytes is saying about SolarWinds.

Malwarebytes said its situation was not related to the SolarWinds breach, as the firm doesn't use any of SolarWinds' systems. SolarWinds, FireEye, Microsoft, CrowdStrike and now Malwarebytes have all been targeted by UNC2452/Dark Halo, a group US agencies have said the Russian government is behind. The SolarWinds hack last year was a "supply chain attack" that led to breaches at US government agencies and other businesses.

In an emailed statement to Insider, a Malwarebytes spokeswoman said, "While we were fortunate to experience a limited impact on our business, this scenario underscores the need for the industry to continue to collaborate in efforts to prevent increasingly complex nation state attacks."

Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks.

Malwarebytes CEO Marcin Kleczynski told ZDNet the hacker only gained access to a limited subset of internal company emails and added that the "software remains safe to use."

" Jeff Jones, Microsoft Senior Director, said in an email. We have not identified any vulnerabilities in our products or cloud services.
"Our ongoing investigation of recent attacks has found this advanced and sophisticated threat actor had several techniques in their toolkit. Malwarebytes learned of the breach on December 15 from the Microsoft Security Response Center and has since investigated the matter, ZDNet reported. Malwarebytes said in a blog that hackers "leveraged a dormant email protection product" to breach the company's internal systems, including Office 365 and Azure.