The SolarWinds hack started sometime in March after attackers breached the company’s Orion network management tools.
#Malwarebytes cloud software#
Malwarebytes stresses that it doesn’t use Microsoft’s Azure cloud services and that its software remains safe to use.
#Malwarebytes cloud code#
Upon examining its source code and reverse engineering its software, it found no evidence of unauthorized access. Malwarebytes assures its anti-malware users, however, that it conducted an extensive investigation and determined that the attackers only gained access to a limited subset of internal company emails. That activity was “consistent with the tactics, techniques and procedures” used by the actors behind the SolarWinds attacks. The company first found out about the intrusion after getting word from the Microsoft Security Response Center on December 15th regarding a suspicious activity from a third-party app in its Office 365 environment. In particular, the bad actors got in through a dormant email protection product within its Office 365 tenant. American security company Malwarebytes has revealed that it was targeted by the same “nation state actor implicated in SolarWinds breach.” The firm says it doesn’t use SolarWinds’ IT software, which served as the hackers’ entryway into the systems of all the companies and federal agencies they breached, and that it was infiltrated using another intrusion vector.
0 kommentar(er)
