banner Expire 1 February 2024
Ad Ends 13 January 2025
ad End 25 April 2025
banner Expire 25 April 2025
banner Expire 16 November 2024
ad expire at 08 november 2024
What's new
banner Expire 16 November 2024
Ad Ends 20 January 2025
banner Expire 11 November 2024
Adv exp on 11 NOv 2024
banner Expire 15 January 2025
Ad expire at 5 August 2024
banner Expire 20 October 2024
Western union transfer
UniCvv
casino
swipe store
adv exp at 23 August 2024
Carding.pw carding forum
BidenCash Shop
Kfc CLub

Microsoft and 40+ Customers Hit in Russian Espionage Attack

File_closed07

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 13, 2020
Messages
7,344
Reaction score
915
Points
212
Awards
2
  • trusted user
  • Rich User
Microsoft has notified over 40 customers that they have been compromised by malicious SolarWinds updates as part of a massive suspected Russian cyber-espionage campaign.

The attacks, which the US government admitted to for the first time on Wednesday, are thought to have compromised numerous departments including the Treasury and commerce, health, energy and state departments, plus the National Nuclear Security Administration (NNSA).

A malicious SolarWinds Orion update is thought to have been a primary attack vector for the suspected Russian state group, with the vendor claiming as many as 18,000 customers could be affected.

However, the attackers are likely to have targeted far fewer to achieve their strategic objectives. Yesterday, Microsoft president Brad Smith revealed the firm has contacted over 40 customers “targeted more precisely and compromised through additional and sophisticated measures.”

These include governments (18%), NGOs (18%), contractors (9%) and IT companies (44%), although the number of targets is suspected to grow over the coming days and weeks.

“While roughly 80% of these customers are located in the United States, this work so far has also identified victims in seven additional countries,” Smith continued.

These are: Canada, Mexico, Belgium, Spain, the UK, Israel and the UAE.

“This is not ‘espionage as usual,’ even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world. In effect, this is not just an attack on specific targets, but on the trust and reliability of the world’s critical infrastructure in order to advance one nation’s intelligence agency,” argued Smith.

“While the most recent attack appears to reflect a particular focus on the United States and many other democracies, it also provides a powerful reminder that people in virtually every country are at risk and need protection irrespective of the governments they live under.”

In fact, Microsoft itself was forced to admit that it was also caught up in the attack campaign.

“Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed,” it noted in a statement.

“We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.”

However, US security agency CISA has confirmed that the SolarWinds updates were not the only “initial access vectors” used in this campaign.
 
Ad End 1 February 2024
Top