It has been reported that state-sponsored hackers who breached US software provider SolarWinds earlier this year pivoted to Microsoft’s internal network, and then used Microsoft’s own products to further the attacks against other companies. Reports have also stated that Microsoft has identified more than 40 of its customers that installed trojanised versions of the SolarWinds Orion platform and where hackers escalated intrusions with additional, second-stage payloads. The OS maker said it was able to discover these intrusions using data collected by Microsoft Defender antivirus product, a free antivirus product built into all Windows installations. Microsoft President Brad Smith said his company is now in the process of notifying all the impacted organisations, 80% of which are located in the United States, with the rest being spread across seven other countries —namely Canada, Mexico, Belgium, Spain, the UK, Israel, and the UAE.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
