The attack vector was an email-protection application for Microsoft 365.
A new big name has is added to the already long list of SolarWinds attack’s collateral victims: Malwarebytes.
In a recent statement, the company recognized that “while Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor.”
The attack methods get more advanced, while multiple companies are used as backdoors.
There are clues that indicate that the series of attacks began last spring with a corrupted software update that delivered the Sunburst backdoor to about 18.000 organizations. After that, specific targets were chosen to be infiltrated further. Thankfully, Malwarebytes noted that “we found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments….We do not use Azure cloud services in our production environments.” “A thorough investigation of all Malwarebytes source code, build and delivery processes showed no evidence of unauthorized access or compromise”, they added.
Check the source.
Read More
- 85K MySQL Servers were hit by PLEASE_READ_ME RansomwareChrome, Firefox and Edge browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to takeover targeted devices.
- The new Silver Sparrow malware infected 30,000 MacsChrome, Firefox and Edge browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to takeover targeted devices.
- Investment Scammers try to trick Dating App UsersChrome, Firefox and Edge browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to takeover targeted devices.
- Microsoft explains how their new password monitoring system worksChrome, Firefox and Edge browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to takeover targeted devices.
- A new FreakOut Malware attacks Linux devicesChrome, Firefox and Edge browsers get an update to fix separate bugs that both allow for remote attacks, which could potentially allow hackers to takeover targeted devices.