Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » News » SolarWinds hackers studied Microsoft source code for authentication and email

SolarWinds hackers studied Microsoft source code for authentication and email

by Reuters
19 February 2021
in News
0
SolarWinds hackers linked to known Russian spying tools, investigators say

SolarWinds Corp banner hangs at the New York Stock Exchange (NYSE), REUTERS/Brendan McDermid

51
SHARES

The hackers behind the worst intrusion of U.S. government agencies in years won access to Microsoft’s secret source code for authenticating customers, potentially aiding one of their main attack methods.

Microsoft said in a blog post on Thursday that its internal investigation had found the hackers studied parts of the source code instructions for its Azure cloud programs related to identity and security, its Exchange email programs, and Intune management for mobile devices and applications. https://msrc-blog.microsoft.com/2021/02/18/microsoft-internal-solorigate-investigation-final-update

Some of the code was downloaded, the company said, which would have allowed the hackers even more freedom to hunt for security vulnerabilities, create copies with new flaws, or examine the logic for ways to exploit customer installations.

Microsoft had said before that the hackers had accessed some source code, but had not said which parts, or that any had been copied. 

U.S. authorities said Wednesday the breaches revealed in December extended to nine federal agencies and 100 private companies, including major technology providers and security firms. They said the Russian government is likely behind the spree, which Moscow has denied.

Initially discovered by security provider FireEye Inc, the hackers used advanced skills to insert software back doors for spying into widely used network-management programs distributed by Texas-based SolarWinds Corp.

At the most prized of the thousands of SolarWinds customers that were exposed last year, the hackers added new Azure identities, added greater rights to existing identities, or otherwise manipulated the Microsoft programs, largely to steal email.

Some hacking also used such methods at targets which did not use SolarWinds. Microsoft previously acknowledged that some of its resellers, who often have continual access to customer systems, had been used in the hacks. It continues to deny that flaws in anything it provides directly have been used as an initial attack vector.

Microsoft declined to answer Reuters’ questions about which parts of its code had been downloaded or whether what the hackers discovered would have helped them hone techniques.

The company also declined to say whether it was changing any of its code as a result of the breach.

The Department of Homeland Security did not respond to questions.

The company said Thursday it had completed its probe and that it had “found no indications that our systems at Microsoft were used to attack others.”

Nevertheless, the problems with identity management have proved so pervasive in the recent attacks that multiple security companies have issued new guidelines and warnings as well tools for detecting misuse.

President Joe Biden has promised a response to the SolarWinds hacks, and an inquiry and remediation effort is being led by his top cybersecurity official, Deputy National Security Advisor Anne Neuberger.

The Senate Intelligence Committee will hold a hearing on the hacks Tuesday with witnesses including Microsoft President Brad Smith and FireEye Chief Executive Kevin Mandia.

(Reporting by Joseph Menn; Editing by Jonathan Oatis and Christopher Cushing)

Share51TweetShareShare
Next Post
IP Vanish Review

IPVanish VPN review

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

COMb data leak - Mother of all breaches
News

COMB: largest breach of all time leaked online with 3.2 billion records

by Bernard Meyer
12 February 2021
37

It's being called the biggest breach of all time and the mother of all breaches: COMB, or the Compilation of...

Read more
14 million Amazon and eBay accounts sold online in new leak

14 million alleged Amazon and eBay account details sold online

17 February 2021
The hype around quantum computing: it’s not too early to get in

The hype around quantum computing: it’s not too early to get in

15 February 2021
Facebook phishing campaign that tricked nearly 450,000 users in Germany is now spreading in the UK

Facebook phishing campaign that tricked nearly 450,000 users in Germany is now spreading in the UK

15 February 2021
Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

10 February 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
  • Tools
    • Password generator
    • Personal data leak checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!