NET open source is heavily under-funded says AWS theregister.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from theregister.com Daily Mail and Mail on Sunday newspapers.
UPDATE: Microsoft continues to work with partners and customers to expand our knowledge of the threat actor behind the nation-state cyberattacks that compromised the supply chain of SolarWinds and impacted multiple other organizations. Microsoft previously used ‘Solorigate’ as the primary designation for the actor, but moving forward, we want to place appropriate focus on the actors behind the sophisticated attacks, rather than one of the examples of malware used by the actors. Microsoft Threat Intelligence Center (MSTIC) has named the actor behind the attack against SolarWinds, the SUNBURST backdoor, TEARDROP malware, and related components as NOBELIUM. As we release new content and analysis, we will use NOBELIUM to refer to the actor and the campaign of attacks.
A Microsoft store in British Columbia, Canada. (GoToVan from Vancouver, Canada/CC BY 2.0 https://creativecommons.org/licenses/by/2.0, via Wikimedia Commons)
The perpetrators behind the SolarWinds supplychain attack were observed leveraging four separate, techniques to bypass identity and access management protections and laterally move from victimsâ on-premises networks to their cloud-based Microsoft 365 accounts.
Companies that use M365 may therefore wish to heed three key recommendations: harden your hybrid environments, conduct thorough audits of cloud assets, and ensure that any remediation efforts are performed in the correct sequence to prevent the possibility of reinfection.
Please register to continue.