Security News > 2021 > January > More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack

More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack
2021-01-26 18:57

Cybersecurity companies Mimecast and Qualys have apparently been targeted by the threat actor that breached the systems of IT management solutions provider SolarWinds as part of a sophisticated supply chain attack.

Some experts believed at the time that the incident may be related to the SolarWinds breach, and Mimecast on Tuesday confirmed that the theft of the certificate was indeed related to the SolarWinds software compromise and carried out by the same hackers.

SolarWinds said roughly 18,000 customers received a piece of malware named Sunburst through malicious updates for its Orion monitoring product, and a few hundred private and government organizations that represented an interest to the attackers received additional payloads.

Based on such analysis, network forensics and security firm NETRESEC reported on Monday that one previously unidentified target of the SolarWinds hackers was information security and compliance company Qualys.

The company did not use SolarWinds products, but they were present on one machine as part of a software evaluation.

Other cybersecurity solutions providers that were targeted in the SolarWinds hack include Malwarebytes, FireEye, Palo Alto Networks, CrowdStrike, Microsoft, and Cisco.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/TRbI5GA_rko/more-cybersecurity-firms-confirm-being-hit-solarwinds-hack

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 44 0 80 95 40 215