Microsoft discovers new vulnerability that was exploited by SolarWinds hackers

In a statement Microsoft said, it had found a new vulnerability which was exploited by SolarWinds hackers. The attackers had gained  access to one of Microsoft’s customer-service agents, they had then used information gained from there to launch hacking attempts against customers. Microsoft had discovered the route used by hackers while responding to hacks by a…

SEC enforcing cyber security disclosures following SolarWinds cyber attack

According to two sources familiar with an SEC investigation, the regulator has opened an investigation into last year’s SolarWinds cyber attack; the probe is focusing on whether failed to disclose that they had been affected by the hack. Last week, the SEC sent investigative letters to a number of public issuers and investment firms requesting voluntary…

Chinese state-sponsored hacking group HAFNIUM pillaged user inboxes which use Microsoft Exchange Server

In a statement, Microsoft cyber security experts along with cyber security experts from outside of the company said, a cyberespionage group from China has been remotely plundering email inboxes using 0-day exploits in Microsoft mail server software. In a blog post Microsoft said, the cyber-espionage group dubbed as HAFNIUM, a state-sponsored entity operating out of…

SolarWinds hack was the largest and most sophisticated cyber attack to date: Microsoft president

In a statement, Microsoft Corp’s President Brad Smith said, the SolarWinds hacking campaign that used the U.S. tech company as a springboard to compromise many U.S. government agencies is “the largest and most sophisticated attack the world has ever seen”. The hacking campaign, identified in December 2020, was allegedly orchestrated by China and Russia, had…

SolarWinds products have been injected with malicious code by state-backed hackers

In a statement, SolarWinds, an IT company said, monitoring products that it had released earlier this year in March and in June may have been surreptitiously tampered with in a “highly-sophisticated, targeted and manual supply chain attack by a nation state.” The statement by SolarWinds comes even as the U.S. intelligence community is investigating cyber…