The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365.
Malwarebytes is the latest discovered victim of the SolarWinds hackers, the security company said – except that it wasn’t targeted through the SolarWinds platform.
“While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” it disclosed in a Tuesday web posting.
Instead of using the SolarWinds Orion network-management system, the advanced persistent threat (APT) abused “applications with privileged access to Microsoft Office 365 and Azure environments,” the security firm said specifically, an email-protection application.
“What started out as the SolarWinds attack is slowly turning out to be perhaps the most sophisticated and wide-reaching cyber-campaign we have ever seen,” Ami Luttwak, CTO and co-founder of Wiz, said via email. “It encompasses multiple companies used as backdoors to other c
March 3, 2021 So glad I came across this now just after going through the scheme as a victim. Having had an Atomic wallet for my cryptos for years was a very comforting thing. But once I had a problem with balances that showed as pending transactions but were indicated as confirmed in the History tab of my Atomic wallet phone app for a week, I still had enough confidence that all was okay as usual. I emailed the Support team on the matter wanting to inform them of the existence of such anomaly but their responses were very dull - almost out of context.
minute read
Share this article:
CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted.
The Feds are warning that cybercriminals are bypassing multi-factor authentication (MFA) and successfully attacking cloud services at various U.S. organizations.
According to an alert issued Wednesday by the Cybersecurity and Infrastructure Security Agency (CISA), there have been “several recent successful cyberattacks” focused on compromising the cloud. Most of the attacks are opportunistic, taking advantage of poor cloud cyber-hygiene and misconfigurations, according to the agency.
“These types of attacks frequently occurred when victim organizations’ employees worked remotely and used a mixture of corporate laptops and personal devices to access their respective cloud services,” the alert outlined. “Despite the use of security tools, affected organizations typically had weak cyber-hygiene practices th
Judge bars former Tallahassee city ethics officer from internet-connected devices after her arrest for cyberstalking.
A Tallahassee city ethics officer was arrested and charged with cyberstalking her coworker and former lover, and is now banned by a judge from using the internet for anything besides work, paying bills and her legal defense.
Julie Meadows-Keef is accused of cyberstalking Bert Fletcher, the
Tallahassee Democrat newspaper reported. Both worked in Tallahassee city government. She was hired in 2014 as the first city government ethics officer, while he worked in an adjacent office as the city auditor. They soon started a romantic relationship, according to the report.