Microsoft says it is investigating two zero-day vulnerabilities reported to be affecting Microsoft Exchange Server 2013, 2016, and 2019. A blog post i.
IT companies bear brunt of new SolarWinds hacker attacks
IT companies bear brunt of new SolarWinds hacker attacks
Comprising 57 per cent of total targets in the latest spate of activity. Credit: Dreamstime
IT companies have made up the majority of organisations targeted amid new activity by the group behind last year’s SolarWinds supply-chain attack, with at least one victim coming from Microsoft’s customer support ranks.
On 25 June, the Microsoft Threat Intelligence Centre said it was tracking new activity from the Nobelium threat actor – as Microsoft has dubbed the group – with the vendor observing password spray and brute-force attacks, among other potential methods and tactics.
Reseller News
Join Reseller News
Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.Sign up now
Malwarebytes hacked by SolarWinds attackers
Becomes latest vendor implicated in the state attack Credit: Dreamstime
Anti-malware software vendor Malwarebytes has become the latest technology company swept up in last year s attack on SolarWinds.
The US-based vendor admitted it has received notices of suspicious third-party activity from the Microsoft Security Response Centre on December 15.
According to Malwarebytes, these reflected tactics, techniques and procedures (TTPs) of the same advanced threat actor involved in the SolarWinds attacks, reportedly a hacking group linked to the Russian government.