Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code

2021-02-19 14:11

Threat actors downloaded some Microsoft Exchange and Azure code repositories during the sprawling SolarWinds supply-chain attack but did not use the company's internal systems or products to attack other victims.

"We have now completed our internal investigation into the activity of the actor which confirms that we found no evidence of access to production services or customer data," the company said in a blog post on its Microsoft Security Response Center published Thursday.

Once embedded, the attackers were able to pick and choose which organizations to further penetrate.

Microsoft came out as one of those victims in December, acknowledging that malicious SolarWinds binaries were detected in its environment, which the company immediately isolated and removed, a spokesperson said at the time.

Threat actors apparently accessed and downloaded source code from a "Small number of repositories," Microsoft said.

These repositories contained code for: A small subset of Azure components including those related to service, security and identity; a small subset of Intune components; and a small subset of Exchange components.

News URL

https://threatpost.com/microsoft-solarwinds-azure-exchange-code/164104/

#azure #exchange #microsoft #solarwinds

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Solarwinds		56	33	104	80	50	267

News URL

Related news

Related vendor