New
#1
Malwarebytes Hacked by SolarWinds Attackers
Excerpts:
US cyber-security firm Malwarebytes today said it was hacked by the same group which breached IT software company SolarWinds last year.
Malwarebytes said its intrusion is not related to the SolarWinds supply chain incident since the company doesn't use any of SolarWinds software in its internal network.
Instead, the security firm said the hackers breached its internal systems by exploiting an Azure Active Directory weakness and abusing malicious Office 365 applications.
Malwarebytes said it learned of the intrusion from the Microsoft Security Response Center (MSRC) on December 15.
"After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails," said today Marcin Kleczynski, Malwarebytes co-founder and current CEO.
"Our internal systems showed no evidence of unauthorized access or compromise in any on-premises and production environments.
"Our software remains safe to use," Kleczynski added.
Malwarebytes said it was hacked by the same group who breached SolarWinds | ZDNet