Microsoft Says SolarWinds Hackers Downloaded 'Small Subset' of Azure, Intune, and Exchange Source Code

WhatsApp to clean up privacy policy disaster, CISA acting chief admits EINSTEIN can't catch SolarWinds-like hacks, CrowdStrike buys Humio, Apple launches annual Platform Security guide, more


Following an investigation it began in December, Microsoft said there is no evidence that the hackers behind the SolarWinds breach could access production servers or customer data.

The vast majority of the software giant’s source code was never accessed by the hackers, who got into Microsoft’s systems via tainted SolarWinds updates. But the hackers were able to gain access to a small subset of Azure, Intune, and Exchange components and download the source code. (Dan Goodin / Ars Technica)

Related: Gadgets Now, ETTelecom.com, ZDNet, Exploit One, iTnews - Security, SC Magazine, Reuters: World News, Security Affairs, SiliconANGLE, The Register - Security, Redmond Mag, VentureBeat, SecurityWeek, Engadget, CRN, CyberNews, Channel News Asia, Slashdot, Dark Reading, PC Risk, The Hacker News, Microsoft

WhatsApp said it would roll out new communications with users about what it contends is its previously misconstrued privacy update, which alarmed users who believed that the new policy allowed WhatsApp to share data with its parent company Facebook. In fact, WhatsApp has been sharing data with Facebook since 2016.

WhatsApp will begin to roll out a small, in-app banner that will ask users to re-review the privacy policies, and they’ll be shown a deeper summary of the changes, including added details about how WhatsApp works with Facebook. (Sarah Perez / TechCrunch)

Related: Techradar, iPhone Hacks, Engadget, Daring Fireball, BusinessLine - Home, PhoneArena, India Today Latest Stories, Pocketnow, Android Central, Android Police, Ad Week, Gadgets Now, Times of India, CTVNews.ca, Channel News Asia, NDTV Gadgets360.com, BusinessWorld, The Next Web, Mashable, MediaNama, The Verge, iPhone in Canada Blog

Cybersecurity giant CrowdStrike is buying data security company Humio for around $400 million to upgrade its breach detection platform's capabilities.

Humio offers a software product that processes security data in near-real-time to catch cyber attacks as they happen. (Maria Deutscher / Silicon Angle)

Related: ARN, SiliconANGLE, Reddit - cybersecurity, Channel Life, Dark Reading, Verdict, Tech.eu

Apple launched its annual Platform Security guide outlining its bug bounty program, password monitoring, and more.

The guide also contains expanded information about hardware like the M1, new details about the Secure Enclave, and an accounting of a host of software features. (Lily Hay Newman / Wired)

Related: Dark Reading, WIRED, MacRumors, iPhone Hacks, Threatpost, AppleInsider, Patently Apple, MacDailyNews, Reuters: World News, CTVNews.ca, Apple Platform Security

A ransomware attack against widely used payment processor AFTS has sparked data breach notifications from numerous cities and agencies within California and Washington, including the California Department of Motor Vehicles and, in Washington, Kirkland, Lynnwood, Monroe, Redmond, Seattle, Lakewood Water District, and Port of Everett.

The attack was conducted by a cybercrime operation known as 'Cuba Ransomware,' which began selling AFTS' stolen data on its data leak site. (Lawrence Abrams / Bleeping Computer)

Related: SiliconANGLE, San Francisco Chronicle, Gizmodo

RIPE NCC, the organization that manages and assigns IPv4 and IPv6 addresses for Europe, the Middle East, and the former Soviet space, said it had foiled what appeared to be a deliberate credential-stuffing attack, which caused some downtime.

RIPE is now asking its estimated 20,000 members to enable two-factor authentication for their access accounts to thwart any future brute-force-like attacks. (Catalin Cimpanu / ZDNet)

Related: Heimdal Security Blog, Reddit - cybersecurity, Cyber News, Infosecurity Magazine, RIPE NCC

The acting director of the Cybersecurity and Infrastructure Security Agency (CISA) acknowledged that Einstein, a core component of the government's National Cybersecurity Protection System, has weaknesses given that it failed to detect the massive SolarWinds supply chain hack.

Wales said that a supply chain attack bypasses Einstein’s major component, which focuses on monitoring network traffic at the perimeter. (Justin Katz / FCW)

Related: Defense Daily Network

Security researcher Eric Brandel found that attackers are abusing Google's Apps Script business application development platform to steal credit card information submitted by customers of e-commerce sites while they are shopping.

The attackers use the script.google.com domain to successfully hide their malicious activity from malware scan engines and bypass Content Security Policy (CSP) controls. (Sergiu Gatlan / Bleeping Computer)

Access governance company Sphere raised $10 million in a Series A funding round led by ForgePoint Capital, with participation from private investors Omkhar Arasaratnam (formerly at JPMorgan Chase), Joel Caminer (formerly at TD Securities), Adnane Charchour (formerly at Scivantage), and Sounil Yu (formerly at Bank of America).

Sphere, a woman-owned cybersecurity business, says its SPHEREboard automation platform can provide insights into an organization’s most sensitive data, prioritize and remediate privileged access violations, identify and remediate problematic Active Directory groups, and provide identity access management capabilities. (Eduard Kovacs / Security Week)

Related: New York City Biz List
