Security News

Threat actors downloaded some Microsoft Exchange and Azure code repositories during the sprawling SolarWinds supply-chain attack but did not use the company's internal systems or products to attack other victims. "We have now completed our internal investigation into the activity of the actor which confirms that we found no evidence of access to production services or customer data," the company said in a blog post on its Microsoft Security Response Center published Thursday.

Microsoft has completed its internal investigation about the Solorigate security incident, and has discovered that the attackers were very interested in the code of various Microsoft solutions. The attackers viewed some files here and there, but they also managed to download source code from a "Small number of repositories," and this includes the code for some important Microsoft Azure components.

Microsoft has admitted that as a result of installing backdoored SolarWinds tools in some parts of its corporate network, portions of its source code was obtained and exfiltrated by parties unknown. "There was no case where all repositories related to any single product or service was accessed," the update advises, adding: "There was no access to the vast majority of source code. For nearly all of code repositories accessed, only a few individual files were viewed as a result of a repository search."

Microsoft on Thursday said it concluded its probe into the SolarWinds hack, finding that the attackers stole some source code but confirmed there's no evidence that they abused its internal systems to target other companies or gained access to production services or customer data. The disclosure builds upon an earlier update on December 31, 2020, that uncovered a compromise of its own network to view source code related to its products and services.

Microsoft announced today that the SolarWinds hackers gained access to source code for a limited number of Azure, Intune, and Exchange components. After internal investigations of their use of the SolarWinds platform, Microsoft announced in December that they were affected by the attack and that hackers could gain access to a limited amount of source code repositories.

Microsoft announced today that the SolarWinds hackers gained access to source code for a limited number of Azure, Intune, and Exchange components. After internal investigations of their use of the SolarWinds platform, Microsoft announced in December that they were affected by the attack and that hackers could gain access to a limited amount of source code repositories.

The servers of British cryptocurrency exchange EXMO were taken offline temporarily after being targeted in a distributed denial-of-service attack. "We are currently experiencing a DDoS attack on our platform," the exchange said in a notification published earlier today.

North Korean attacks on crypto exchanges reportedly netted an estimated $316m in cryptocurrency in 2019 and 2020, according to a report by Japan's Nikkei. The outlet says it saw that figure in a draft of a United Nations report destined for the desk of the Security Council's North Korea Sanctions Committee.

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.

A webshell called BumbleBee has taken flight in an ongoing xHunt espionage campaign that has targeted Microsoft Exchange servers at Kuwaiti organizations. "We found BumbleBee hosted on an internal Internet Information Services web server on the same network as the compromised Exchange server, as well as on two internal IIS web servers at two other Kuwaiti organizations," researchers explained in a Monday blog.