FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State

"The Silicon Valley company said hackers — almost certainly Russian — made off with tools that could be used to mount new attacks around the world."

https://www.nytimes.com/2020/12/08/technology/fireeye-hacked-russians.html

It appears Malwarebytes' internal email system was targeted in a similar attack, although they are assuring customers that "Our internal systems showed no evidence of unauthorized access or compromise in any on-premises and production environments. Our software remains safe to use". From the Malwarebytes News article Malwarebytes Targeted by Nation State Actor Implicated in SolarWinds Breach. Evidence Suggests Abuse of Privileged Access to Microsoft Office 365 and Azure Environments (last updated 27-Jan-2021):

...While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor. We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments....

Kudos to Malwarebytes for posting publicly about this. It makes me wonder if there are other AV companies who had their company email systems attacked by the same intrusion vector but aren't being as transparent with their customers.

The Sunburst hack was massive and devastating. Here are 5 observations from a cybersecurity expert

So much remains unknown about what is now being called the Sunburst hack, the cyberattack against US government agencies and corporations. US officials widely believe that Russian state-sponsored hackers are responsible.

The attack gave the perpetrators access to numerous key American business and government organisations. The immediate effects will be difficult to judge, and a complete accounting of the damage is unlikely.

However, the nature of the affected organisations alone makes it clear that this is perhaps the most consequential cyberattack against the US to date.

An act of cyberwar is usually not like a bomb, which causes immediate, well-understood damage. Rather, it is more like a cancer — it's slow to detect, difficult to eradicate and it causes ongoing and significant damage over a long period of time.

Here are five points that cybersecurity experts — the oncologists in the cancer analogy — can make with what's known so far.

https://www.abc.net.au/news/2020-12-30/sunburst-cyber-hack-solarwinds-software-cybersecurity-expert/13021104 

Looks like Microsoft has also been hit but is fighting back. https://a.msn.com/r/2/BB1c1ul2?m=en-us&referrerID=InAppShare

 

I rest my case with this: https://a.msn.com/r/2/BB1bTKVF?m=en-us&referrerID=InAppShare

 

It's amazing the lameness of corporations; if they spent 50% of the resources they do for marketing toward SECURING their products, infrastructure and customer data, what a different world it would indeed be. But then, this is America; we seem to live in an alternate reality in that regard.

Cheers