SolarWinds

Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as DEV-0322. Microsoft said that the recent attacks against SolarWinds file transfer servers were carried out by a Chinese hacking group tracked as DEV-0322. This week SolarWinds addressed a zero-day remote code execution flaw (CVE-2021-35211) in Serv-U products which […]

The post China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks appeared first on Security Affairs.

Read More China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks

Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as DEV-0322. Microsoft said that the recent attacks against SolarWinds file transfer servers were carried out by a Chinese hacking group tracked as DEV-0322. This week SolarWinds addressed a zero-day remote code execution flaw (CVE-2021-35211) in Serv-U products which […]

The post China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks appeared first on Security Affairs.

Read More China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks

Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China.

The post Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit appeared first on Microsoft Security Blog.

Read More Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit

SolarWinds confirmed that a threat actor is actively exploiting a new zero-day vulnerability in Serv-U products and urges customers to fix it. SolarWinds addressed a zero-day remote code execution flaw in Serv-U products which is actively exploited in the wild by a single threat actor. SolarWinds was informed of the zero-day by Microsoft, the issue affects Serv-U Managed File Transfer […]

The post SolarWinds fixes critical Serv-U zero-day exploited in the wild appeared first on Security Affairs.

Read More SolarWinds fixes critical Serv-U zero-day exploited in the wild

Russia-linked threat actors compromised Denmark’s central bank (Danmarks Nationalbank) and remained in its systems for months. Russia-linked threat actors infected the systems of Denmark’s central bank (Danmarks Nationalbank) and maintained access to its network for more than six months. The security breach is the result of the SolarWinds supply chain attack that was carried out […]

The post SolarWinds hackers remained hidden in Denmark’s central bank for months appeared first on Security Affairs.

Read More SolarWinds hackers remained hidden in Denmark’s central bank for months

Microsoft discovered that Russia-linked SolarWinds hackers, tracked as Nobelium, have breached the network of three new organizations. Microsoft revealed on Friday that Russia-linked SolarWinds hackers, tracked as Nobelium or APT29, have conducted news cyber attacks against other organizations. Threat actors carried out brute-force and password spraying attacks in an attempt to gain access to Microsoft customer accounts. […]

The post Microsoft: Russia-linked SolarWinds hackers breached three new entities appeared first on Security Affairs.

Read More Microsoft: Russia-linked SolarWinds hackers breached three new entities

QOMPLX announced the extension of its Identity Assurance analytics solution to automatically detect identity-based attacks on cloud service providers. The company’s new Cloud Identity Forgery detections for Q:CYBER detect lateral movement and post-expl…

Read More QOMPLX Identity Assurance now automatically detects identity-based attacks on cloud service providers

Microsoft announced the release of open-source CodeQL queries that it experts used during its investigation into the SolarWinds supply-chain attack Microsoft has announced the availability of open-source CodeQL queries that the IT giant used during its investigation into the SolarWinds attack. In early 2021, the US agencies FBI, CISA, ODNI, and the NSA released a joint […]

The post Microsoft releases open-source CodeQL queries to assess Solorigate compromise appeared first on Security Affairs.

Read More Microsoft releases open-source CodeQL queries to assess Solorigate compromise

SolarWinds announced the APM Integrated Experience for the SolarWinds application performance management (APM) solutions—AppOptics, Loggly, and Pingdom—consolidating access to application performance metrics, traces, logs, and user experience into a co…

Read More SolarWinds APM Integrated Experience delivers a single platform for navigation across the APM portfolio

The US is going to respond to the SolarWinds supply chain attack within weeks, national security adviser Jake Sullivan told CNN. The US will respond within weeks to the devastating SolarWinds supply cyber attack, national security adviser Jake Sullivan told CNN. “We are in the process now of working through, with the intelligence community and [President […]

The post The US Government is going to respond to the SolarWinds hack very soon appeared first on Security Affairs.

Read More The US Government is going to respond to the SolarWinds hack very soon

Microsoft announced that SolarWinds hackers could have had access to repositories containing some components used by Azure, Intune, and Exchange. Microsoft announced that the threat actors behind the SolarWinds supply chain attack could have had access to repositories containing the source code for a limited number of components used by Azure, Intune, and Exchange. In […]

The post SolarWinds hackers had access to components used by Azure, Intune, and Exchange appeared first on Security Affairs.

Read More SolarWinds hackers had access to components used by Azure, Intune, and Exchange

Microsoft says it found 1,000-plus developers’ fingerprints on the SolarWinds attack Microsoft’s analysis of the SolarWinds supply chain attack revealed that the code used by the threat actors was the work of a thousand developers. Microsoft president Brad Smith provided further details about the investigation of the SolarWinds supply chain attack, the company’s analysis of […]

The post The malicious code in SolarWinds attack was the work of 1,000+ developers appeared first on Security Affairs.

Read More The malicious code in SolarWinds attack was the work of 1,000+ developers