Threat actors downloaded some Microsoft Exchange and Azure code repositories during the sprawling SolarWinds supply-chain attack but did not use the company’s internal systems or products to attack other victims. That’s the final verdict this week by the tech giant now that it’s completed a comprehensive investigation into the attack, which was discovered in December and continues to have repercussions across the industry. “We have now completed our internal investigation into the activity of the actor … which confirms that we found no evidence of access to production services or customer data,” the company said in a blog post on its Microsoft Security Response Center published Thursday. “The investigation also found no indications that our systems at Microsoft were used to attack others.” Click to Register Texas-based SolarWinds was the primary victim of the now-infamous cyberattack believed to be the work of Russian state-sponsored actors. During the attack, adversaries used SolarWinds’ Orion network management platform to infect users with a stealth backdoor called “Sunburst” or “Solorigate,” which opened the way for lateral movement to other parts of a network. The backdoor was pushed out via trojanized product updates to almost 18,000 organizations around the globe—including high-profile victims such as the U.S. Department of Homeland Security (DHS) and the Treasury and Commerce departments—starting last spring. Once embedded, the attackers were able to pick and…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2021-02-19 09:11:002021-02-19 09:11:00Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com