SolarWinds hackers breach new victims, including a Microsoft support agent

The nation-state hackers who orchestrated the SolarWinds supply chain attack compromised a Microsoft worker’s computer and used the access to launch targeted attacks against company customers, Microsoft said in a terse statement published late on a Friday afternoon.

The hacking group also compromised three entities using password-spraying and brute-force techniques, which gain unauthorized access to accounts by bombarding login servers with large numbers of login guesses. With the exception of the three undisclosed entities, Microsoft said, the password-spraying campaign was “mostly unsuccessful.” Microsoft has since notified all targets, whether attacks were successful or not.

Source

The Big Boss and Dictator of The Cult of the Crispy Geek

Leave a Reply