In March 2022, the source codes of the Conti malware were made public, and now, apparently, other hackers are starting to use them, turning the ransomware against Russian authorities and companies. Let me remind you that this story began back in February 2022, when an anonymous information security researcher who had access to the infrastructure… Continue reading Leaked Conti ransomware source codes were used to attack Russian authorities
Tag: SolarWinds
Clop ransomware exploits vulnerability in SolarWinds Serv-U
The NCC Group warns of a spike of Clop ransomware attacks (hack group also known as TA505 and FIN11), which exploits a vulnerability in SolarWinds Serv-U. Most of them start off by exploiting the CVE-2021-35211 bug in Serv-U Managed File Transfer and Serv-U Secure FTP. This issue allows a remote attacker to execute commands with… Continue reading Clop ransomware exploits vulnerability in SolarWinds Serv-U
Hackers attacked Microsoft Exchange servers of the European Banking Authority
Hackers attacked the servers of the Microsoft Exchange European Banking Authority (EBA). Due to the attack, EBA had to temporarily shut down its mail systems as a precaution. EBA launched an investigation of the incident in partnership with its information and communications technology provider, a group of information security experts and other relevant organizations. The… Continue reading Hackers attacked Microsoft Exchange servers of the European Banking Authority
Microsoft: SolarWinds Hackers Stole Source Codes of Azure, Exchange and Intune Components
Microsoft experts announced that they have completed an official investigation of the attack, and told what exactly SolarWinds hackers were able to steal. The company reiterated that it was found no evidence that outsiders could somehow abuse Microsoft systems or use its products to attack customers. Let me remind you that Microsoft acknowledged the fact… Continue reading Microsoft: SolarWinds Hackers Stole Source Codes of Azure, Exchange and Intune Components
Microsoft Says Over 1,000 Developers Worked on SolarWinds Attack
In an interview with CBSNews, Microsoft President Brad Smith said the recent attack on SolarWinds was “the largest and most sophisticated he has ever seen.” According to him, the analysis of the hack carried out by the company’s specialists suggests that more than 1,000 developers worked on this attack. At the same time, Smith says… Continue reading Microsoft Says Over 1,000 Developers Worked on SolarWinds Attack
Raindrop is another malware detected during the SolarWinds hack
Symantec specialists detected Raindrop malware, which was used during the attack on SolarWinds along with other malware. According to the researchers, Raindrop was used by cybercriminals in the last stages of the attack and was deployed only on the networks of a few selected targets (only four malware samples were found). Let me remind you… Continue reading Raindrop is another malware detected during the SolarWinds hack
Experts discovered SolarLeaks website with data stolen in a recent massive hacker attack
Bleeping Computer writes that experts have discovered the SolarLeaks website (solarleaks[.]net), where unknown persons sell data, allegedly stolen from SolarWinds, Microsoft, Cisco and FireEye during a recent attack on the supply chain. Let me remind you that in December 2020 it became known that unknown hackers attacked SolarWinds and infected its Orion platform with malware.… Continue reading Experts discovered SolarLeaks website with data stolen in a recent massive hacker attack
Microsoft says SolarWinds hackers hunted for access to cloud resources
Microsoft continues to investigate the supply chain attack that SolarWinds and its customers have suffered this year. Microsoft analysts reported that SolarWinds hackers were hunting for access to cloud resources. Let me remind you that unknown hackers attacked SolarWinds and infected its Orion platform with malware. Among the victims were such giants as Microsoft, Cisco,… Continue reading Microsoft says SolarWinds hackers hunted for access to cloud resources
SolarWinds hack allowed Russian attackers to infiltrated dozens of US Treasury Department mailboxes
US Senator Ron Wyden, a member of the US Senate Finance Committee, said that hackers, standing behind the SolarWinds hack, compromised dozens of US Treasury Department mailboxes. The statement came after the Treasury Department and the IRS held a briefing with committee members regarding the attack on SolarWinds. While has yet been found no evidence… Continue reading SolarWinds hack allowed Russian attackers to infiltrated dozens of US Treasury Department mailboxes
Microsoft: Supernova and CosmicGale malware detected on systems running SolarWinds
Continue studies oŃ‚ large-scale attack on the supply chain, for which attackers compromised SolarWinds and its Orion platform. It seems that experts have now discovered another hack group that used SolarWinds software to host Supernova and CosmicGale malware on corporate and government networks. Let me remind you that the malware used in the original attack… Continue reading Microsoft: Supernova and CosmicGale malware detected on systems running SolarWinds