Microsoft Says SolarWinds Hackers Downloaded 'Small Subset' of Azure, Intune, and Exchange Source Code
Following an investigation it began in December, Microsoft said there is no evidence that the hackers behind the SolarWinds breach could access production servers or customer data.
The vast majority of the software giant’s source code was never accessed by the hackers, who got into Microsoft’s systems via tainted SolarWinds updates. But the hackers were able to gain access to a small subset of Azure, Intune, and Exchange components and download the source code. (Dan Goodin / Ars Technica)
Related: Gadgets Now, ETTelecom.com, ZDNet, Exploit One, iTnews - Security, SC Magazine, Reuters: World News, Security Affairs, SiliconANGLE, The Register - Security, Redmond Mag, VentureBeat, SC Magazine, SecurityWeek, Engadget, Gadgets Now, ETTelecom.com, iTnews - Security, CRN, CyberNews, Channel News Asia, Slashdot, Dark Reading, PC Risk, SiliconANGLE, The Hacker News, SiliconANGLE, ZDNet, Microsoft
WhatsApp said it would roll out new communications with users about what it contends is its previously misconstrued privacy update, which alarmed users who believed that the new policy allowed WhatsApp to share data with its parent company Facebook. In fact, WhatsApp has been sharing data with Facebook since 2016.
WhatsApp will begin to roll out a small, in-app banner that will ask users to re-review the privacy policies, and they’ll be shown a deeper summary of the changes, including added details about how WhatsApp works with Facebook. (Sarah Perez / TechCrunch)
Related: Techradar, iPhone Hacks, Engadget, Daring Fireball, BusinessLine - Home, PhoneArena, India Today Latest Stories, Pocketnow, Android Central, Android Police, Ad Week, Gadgets Now, Times of India, CTVNews.ca, Channel News Asia, NDTV Gadgets360.com, BusinessWorld, The Next Web, Mashable, MediaNama, The Verge, iPhone in Canada Blog
Cybersecurity giant CrowdStrike is buying data security company Humio for around $400 million to upgrade its breach detection platform's capabilities.
Humio offers a software product that processes security data in near-real-time to catch cyber attacks as they happen. (Maria Deutscher / Silicon Angle)
Apple launched its annual Platform Security guide outlining its bug bounty program, password monitoring, and more.
The Guide also contains expanded information about hardware like M1, new details about the secure enclave, and an accounting of a host of software features. (Lily Hay Newman / Wired)
A ransomware attack against widely used payment processor AFTS has sparked data breach notifications from numerous cities and agencies within California and Washington, including the California Department of Motor Vehicles, and several Washington cities, including Kirkland, Lynnwood, Monroe, Redmond, Seattle, Lakewood Water District, and Port of Everett.
The attack was conducted by a cybercrime operation known as 'Cuba Ransomware', which began selling AFTS' stolen data on their data leak site. (Lawrence Abrams / Bleeping Computer)
RIPE NCC, the organization that manages and assigns IPv4 and IPv6 addresses for Europe, the Middle East, and the former Soviet space, said it had foiled what appeared to be a deliberate credential stuffing attack, which caused some downtime.
RIPE is now asking its estimated 20,000 members to enable two-factor authentication for their access accounts to thwart any future brute-force-like attacks. (Catalin Cimpanu / ZDNet)
The acting director of the Cybersecurity and Infrastructure Security Agency (CISA) acknowledged that Einstein, a core component of the government's National Cybersecurity Protection System, has weaknesses given that it failed to detect the massive SolarWinds supply chain hack.
Wales said that a supply chain attack bypasses Einstein’s major component, which focuses on monitoring network traffic at the perimeter. (Justin Katz / FCW)
Related: Defense Daily Network
Security researcher Eric Brandel found that attackers are abusing Google's Apps Script business application development platform to steal credit card information submitted by customers of e-commerce sites while they are shopping.
The attackers use the script.google.com domain to successfully hide their malicious activity from malware scan engines and bypass Content Security Policy (CSP) controls. (Sergiu Gatlan / Bleeping Computer)
Access governance company Sphere raised $10 million in a Series A funding round led by ForgePoint Capital, with participation from private investors Omkhar Arasaratnam (formerly at JPMorgan Chase), Joel Caminer (formerly at TD Securities), Adnane Charchour (formerly at Scivantage), and Sounil Yu (formerly at Bank of America).
Sphere, a woman-owned cybersecurity business, says its SPHEREboard automation platform can provide insights into an organization’s most sensitive data, prioritize and remediate privileged access violations, identify and remediate problematic Active Directory groups, and provide identity access management capabilities. (Eduard Kovacs / Security Week)
Related: New York City Biz List