Malwarebytes Said It Was Hacked By the Same Group Who Breached SolarWinds
mercredi 20 janvier 2021, 01:02 , par Slashdot
US cyber-security firm Malwarebytes said it was hacked by 'Dark Halo,' the same group which breached IT software company SolarWinds last year. ZDNet reports: Malwarebytes said its intrusion is not related to the SolarWinds supply chain incident since the company doesn't use any of SolarWinds software in its internal network. Instead, the security firm said the hackers breached its internal systems by exploiting an Azure Active Directory weakness and abusing malicious Office 365 applications. Malwarebytes said it learned of the intrusion from the Microsoft Security Response Center (MSRC) on December 15.
At the time, Microsoft was auditing its Office 365 and Azure infrastructures for signs of malicious apps created by the SolarWinds hackers, also known in cyber-security circles as UNC2452 or Dark Halo. Malwarebytes said that once it learned of the breach, it began an internal investigation to determine what hackers accessed. 'After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails,' said Marcin Kleczynski, Malwarebytes co-founder and current CEO.
Read more of this story at Slashdot.
56 sources (32 en français)
ven. 26 févr. - 11:35 CET