

We do not use Azure cloud services in our production environments. Considering the supply chain nature of the SolarWinds attack, and in an abundance of caution, we immediately performed a thorough investigation of all Malwarebytes source code, build and delivery processes, including reverse engineering our own software. The investigation indicates the attackers leveraged a dormant email protection product within our Office 365 tenant that allowed access to a limited subset of internal company emails. Together, we performed an extensive investigation of both our cloud and on-premises environments for any activity related to the API calls that triggered the initial alert. We immediately activated our incident response group and engaged Microsoft’s Detection and Response Team (DART). We received information from the Microsoft Security Response Center on December 15 about suspicious activity from a third-party application in our Microsoft Office 365 tenant consistent with the tactics, techniques and procedures (TTPs) of the same advanced threat actor involved in the SolarWinds attacks. We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments. After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. While Malwarebytes does not use SolarWinds, we, like many other companies, were recently targeted by the same threat actor. We first reported on the event in our December 14 blog and notified our business customers using SolarWinds asking them to take precautionary measures.
PLEASE CHECK THE WIKI FOR BASIC HELP + TROUBLESHOOTING INFO BEFORE POSTING. A nation state attack leveraging software from SolarWinds has caused a ripple effect throughout the security industry, impacting multiple organizations. Our regularly-updated wiki contains all sorts of useful information, including links to reputable developers of antivirus/antimalware/internet security/endpoint protection/endpoint detection and response programs, information about specialized scanning and cleaning tools, information about security tests and testers, practical information on securing your devices and a glossary.
Click here to send a message to the r/antivirus mods so we can set you up with your company flair. You are expected to participate in discussions where you can lend your expertise.

Posting about sales, betas, that sort of thing is allowed, but don't spam it.

You are more than welcome here, as long as you respect Reddit's Self Promotion rules, and are not pushing your product unduly.

Welcome! You can get all of the help you need here, along with advice on removing any kind of malicious or unwanted software and choosing the right antivirus/internet security/endpoint protection for you! If you see any spam or abusive messages, please use the report function to report it to the mods. Failure to respect the rules and each other may result in a permanent ban. If you must post a link, please 'de-fang' it by breaking the URL up with brackets like so: Please take a moment to familiarize yourself with our rules and check our regularly-updated wiki before posting. Do not post links to websites offering commissions, affiliate links, or sponsored installs. Do not intentionally link to malicious sites (links to VirusTotal and Hybrid Analysis are fine).
