The attack vector was an email-protection application for Microsoft 365.
A new big name has is added to the already long list of SolarWinds attack’s collateral victims: Malwarebytes.
In a recent statement, the company recognized that “while Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor.”
The attack methods get more advanced, while multiple companies are used as backdoors.
There are clues that indicate that the series of attacks began last spring with a corrupted software update that delivered the Sunburst backdoor to about 18.000 organizations. After that, specific targets were chosen to be infiltrated further. Thankfully, Malwarebytes noted that “we found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments….We do not use Azure cloud services in our production environments.” “A thorough investigation of all Malwarebytes source code, build and delivery processes showed no evidence of unauthorized access or compromise”, they added.
Check the source.
Read More
- This Disney Plus Scam Is After Your Bank InfoA newly discovered Disney Plus scam is phishing for your banking information, using an e-mail with a very eye-catching […]
- ChatGPT Might Boost Phishing Scams In 2023, Experts WarnWhile AI’s immensely popular ChatGPT is a very useful tool for writers and creators worldwide, it might also help […]
- Devastating Ransomware Attack: Oakland Declares State of EmergencyIn the wake of a massive ransomware attack that left the city with no choice but to shut its […]
- H0lyGh0st Ransomware After Small and Midsize BusinessesMicrosoft has linked H0lyGh0st, a cyberthreat that emerged in June 2021 and targets small-to-midsized businesses, to North Korean state-sponsored […]
- Popular NFT Marketplace Ravaged by $540M Phishing SchemeIn March, a North Korean APT netted $540 million thanks to a massive phishing operation carried out on the […]
Attribution:
Photo by Markus Spiske on Unsplash