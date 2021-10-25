CreatorsPublishersAdvertisers
Solarwinds hackers are targeting the global IT supply chain, Microsoft says

By Sam Shead, @Sam_L_Shead
CNBC
 7 days ago

Cover picture for the articleNobelium, as the hacking group is known, has "been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain" according to Tom Burt, corporate vice president of customer security and trust at Microsoft. The hackers have been using...

securityboulevard.com

SolarWinds & Accellion Breaches: Supply Chain Attacks Wreaking Havoc

When it comes to cyber security, it’s not possible to pinpoint the biggest threat against organizations globally. However, supply chain attacks are doing their best to earn that honor. In a supply chain attack, a threat actor infiltrates an organization’s system through a third-party provider or partner that has access to its data and systems. In fact, according to an article by National Defense Magazine, two-thirds of breaches are a result of a supplier or third-party vulnerabilities.
Dmitry Peskov
commercialintegrator.com

Microsoft: Russian Hackers Targeting Tech Service Providers

Microsoft says the same Russian hacking group behind the compromise of the SolarWinds Orion platform is targeting IT service providers and cloud technology resellers to leverage their privileged access to end customer networks. In a series of blogs, Microsoft says the threat actor it calls Nobelium is targeting cloud service...
onmsft.com

Microsoft identifies a second SolarWinds-like attack from Russian based hackers

Companies are still reeling from the sophisticated large scale 2020 SolarWinds attack which affected up to 320,000 businesses in over 190 countries, and it appears there is a second attempt under away. Microsoft has managed to identify a second nascent attack on the horizon that is deploying a similar Trojan-horse...
theregister.com

SolarWinds attacker on the move: Russia's Nobelium crew has trebled attacks targeting MSPs, cloud resellers, says Microsoft

Russia's Nobelium group – fingered as being a Russian state actor by both the United States and Britain – has massively ramped up phishing and password spraying attempts against managed service providers (MSPs) and cloud resellers, Microsoft's security arm has warned. The Windows maker said the group's targeted attacks against...
TheDailyBeast

Russian Hackers Escalate SolarWinds Attacks on Tech Firms, Targeting Dozens of Companies

The Russian hackers behind the massive SolarWinds breach have only escalated their efforts to steal tech companies’ private information, according to Microsoft Corp. researchers. This latest campaign, which began in May, has targeted more than 140 companies, with as many as 14 being successfully breached, the experts said. “This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain,” Tom Burt, a corporate vice president for customer security and trust at Microsoft, explained. The SolarWinds breach—in which Russian hackers infiltrated at least a dozen U.S. government agencies—was ultimately blamed on Russia’s foreign intelligence service, prompting President Biden to impose sanctions on Moscow and expel diplomats.
Fortune

invezz.com

