reader comments 45 This story was originally published by ProPublica. Investigating how the world’s largest software provider handles the security of its own ubiquitous products. After Russian intelligence launched one of the most devastating cyber espionage attacks in history against US government agencies, the Biden administration set up a new board and tasked it to… Read More »
reader comments 31 with 26 posters participating Share this story Almost exactly a year ago, security researchers uncovered one of the worst data breaches in modern history, if not ever: a Kremlin-backed hacking campaign that compromised the servers of network management provider SolarWinds and, from there, the networks of 100 of its highest-profile customers, including… Read More »
reader comments 55 with 26 posters participating Share this story The Russian state hackers who orchestrated the SolarWinds supply chain attack last year exploited an iOS zero-day as part of a separate malicious email campaign aimed at stealing Web authentication credentials from Western European governments, according to Google and Microsoft. In a post Google published… Read More »
Getty Images reader comments 11 with 10 posters participating Share this story Microsoft said on Tuesday that hackers operating in China exploited a zero-day vulnerability in a SolarWinds product. According to Microsoft, the hackers were, in all likelihood, targeting software companies and the US Defense industry. SolarWinds disclosed the zero-day on Monday, after receiving notification… Read More »
reader comments 29 with 24 posters participating Share this story SolarWinds, the company at the center of a supply chain attack that compromised nine US agencies and 100 private companies, is scrambling to contain a new security threat: a critical zero-day vulnerability in its Serv-U product line. Microsoft discovered the exploits and privately reported them… Read More »
reader comments 31 with 25 posters participating Share this story The nation-state hackers who orchestrated the SolarWinds supply chain attack compromised a Microsoft worker’s computer and used the access to launch targeted attacks against company customers, Microsoft said in a terse statement published late on a Friday afternoon. The hacking group also compromised three entities… Read More »
reader comments 3 with 3 posters participating Share this story The Kremlin-backed hackers who targeted SolarWinds customers in a supply chain attack have been caught conducting a malicious email campaign that delivered malware-laced links to 150 government agencies, research institutions and other organizations in the US and 23 other countries, Microsoft said. The hackers, belonging… Read More »
Matt Anderson Photography/Getty Images reader comments 29 with 23 posters participating Share this story US officials on Thursday formally blamed Russia for backing one of the worst espionage hacks in recent US history and imposed sanctions designed to mete out punishments for that and other recent actions. In a joint advisory, the National Security Agency,… Read More »
Enlarge / Breaking in the computer. reader comments 10 with 9 posters participating Share this story Email-management provider Mimecast has confirmed that a network intrusion used to spy on its customers was conducted by the same advanced hackers responsible for the SolarWinds supply chain attack. The hackers, which US intelligence agencies have said likely have… Read More »
reader comments 0 with 0 posters participating Share this story First it was SolarWinds, a reportedly Russian hacking campaign that stretches back almost a year and has felled at least nine US government agencies and countless private companies. Now it’s Hafnium, a Chinese group that’s been attacking a vulnerability in Microsoft Exchange Server to sneak… Read More »