Windows and Microsoft Security Failings
Date: 2020-12-13
-
[Crackers] backed by Russian government reportedly breached US government agencies [iophk: Windows TCO]
Reuters reported that in addition to [cracking] Treasury and the Commerce Department’s National Telecommunications and Information Administration (NTIA), the hackers may have breached other US government entities.
Government officials considered the [crack] dire enough that the National Security Council held an emergency meeting at the White House on Saturday.
-
Suspected Russian [attackers] spied on U.S. Treasury emails - sources
The U.S. government has not publicly identified who might be behind the [attack], but three of the people familiar with the investigation said Russia is currently believed to be responsible for the attack. Two of the people said that the breaches are connected to a broad campaign that also involved the recently disclosed hack on FireEye, a major U.S. cybersecurity company with government and commercial contracts.
In a statement posted here to Facebook, the Russian foreign ministry described the allegations as another unfounded attempt by the U.S. media to blame Russia for cyberattacks against U.S. agencies.
[...]
The [attackers] are “highly sophisticated” and have been able to trick the Microsoft platform’s authentication controls, according to a person familiar with the incident, who spoke on condition of anonymity because they were not allowed to speak to the press.
-
U.S. Government Agencies Hit by [Attackers] During Software Update
“We have identified a global campaign that introduces a compromise into the networks of public and private organizations through the software supply chain,” FireEye said in a blog post late Sunday. “This compromise is delivered through updates to a widely-used IT infrastructure management software -- the Orion network monitoring product from SolarWinds.”
The series of attacks could rank it among the worst in recent memory, as Austin, Texas-based SolarWinds Corp. sells technology products to a Who’s Who list of sensitive targets. These include the State Department, the Centers for Disease Control and Prevention, the Naval Information Warfare Systems Command, the FBI, all five branches of the U.S. military, and 425 corporations out of the Fortune 500, according to the company’s website and government data.
-
Researchers underline care taken to craft SolarWinds trojan campaign
Researchers from FireEye and Microsoft claim to have discovered a global intrusion campaign, using the Orion network monitoring system sold by SolarWinds, with a trojan being implanted into a file which was part of updates for the product; the compromised file was given the name SUNBURST. The software runs on Windows.
-
SolarWinds product used to attack private, public sector: FireEye claim
American cyber security firm FireEye, which last week said it had suffered a breach and lost its attack tools, says it has identified a global campaign to compromise public and private sector bodies through corruption of software supply chains, using software that runs on Windows.
-
Windows MountLocker ransomware working through affiliates: claim
Researchers from the Blackberry Research and Intelligence Team say they have been tracking the activities of affiliates of the MountLocker ransomware group, another one of the numerous ransomware groups that attacks Microsoft's Windows operating system.
-
Attackers hit US Treasury through Microsoft Office 365; SolarWinds opens door to others
Microsoft software has once again proved to be the weak link and opened the path for cyber attacks, this time to the US Treasury Department and an entity that deals with Internet and telco policy. The network management software SolarWinds appears to have opened the door for other agencies to be attacked.
-
Auto services firm Inchcape hit by Windows Ransomexx ransomware
Automotive services provider Inchcape Australia appears to have been compromised by the Windows Ransomexx ransomware, with the cyber criminals who hit the company leaking some data that they stole, on the dark web. The company has about 1500 employees in Australia.
-
