fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Malwarebytes Says SolarWinds Hackers Accessed Its Internal Emails

Malwarebytes Says SolarWinds Hackers Accessed Its Internal Emails

Cybersecurity firm Malwarebytes today confirmed that the threat actor behind the SolarWinds supply-chain attack were able to gain access to some company emails.

“While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” Malwarebytes CEO and co-founder Marcin Kleczynski said.

“We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments.

“After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails.”

However, Kleczynski also added that the company did not find evidence of a compromise or unauthorized access to internal production or on-premises environments.

The threat actor behind the SolarWinds hack is tracked as StellarParticle (CrowdStrike), UNC2452 (FireEye), and Dark Halo (Volexity), and is likely a Russian-backed Advanced Persistent Threat (APT) group according to a joint statement issued by the FBI, CISA, ODNI, and the NSA earlier this month.

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

Malwarebytes software is safe to use

Malwarebytes discovered that the threat actor that coordinated the SolarWinds hack used applications with privileged access infiltrate the company’s Microsoft Office 365 and Azure environments.

“We received information from the Microsoft Security Response Center on December 15 about suspicious activity from a third-party application in our Microsoft Office 365 tenant consistent with the tactics, techniques and procedures (TTPs) of the same advanced threat actor involved in the SolarWinds attacks,” Kleczynski added.

“The investigation indicates the attackers exploited an Azure Active Directory weakness that allowed access to a limited subset of internal company emails.”

Malwarebytes software is safe to use given that a thorough analysis of “all Malwarebytes source code, build and delivery processes,” did not reveal any signs of unauthorized access or compromise.

Emails accessed via the Microsoft Graph service

The SolarWinds hackers also targeted Malwarebytes administrative and service credentials by adding a self-signed certificate with credentials to the Microsoft Graph service principal account.

This later allowed them to “authenticate using the key and make API calls to request emails via MSGraph.”

Malwarebytes is the fourth cybersecurity firm to confirm that its systems were targeted by the threat actor that orchestrated the SolarWinds supply-chain attack after MicrosoftFireEye, and CrowdStrike.

“While we have learned a lot of information in a relatively short period of time, there is much more yet to be discovered about this long and active campaign that has impacted so many high-profile targets,” Kleczynski said.

Also Read: How to Send Mass Email Without Showing Addresses: 2 Great Workarounds

“It is imperative that security companies continue to share information that can help the greater industry in times like these, particularly with such new and complex attacks often associated with nation state actors.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us