Have a scoop that you'd like GeekWire to cover? SolarWinds is a Microsoft Office 365 customer and said this week in a regulatory filing that it was “made aware of an attack vector that was used to … In a filing with the U.S. Securities and Exchange Commission on Monday, SolarWinds said it believed its monitoring products could have been used to compromise the servers of as many as 18,000 of its customers. Cisco Systems Inc. is the latest company targeted in the SolarWinds hack as Microsoft Corp. has discovered a second hacking group that was also targeting SolarWinds' software.The attack on … Microsoft has confirmed that they were hacked in the recent SolarWinds attacks but denied that their software was compromised in a supply … Raphael Satter WASHINGTON (Reuters) -The hacking group behind the SolarWinds compromise was able to break into Microsoft Corp and access some of its source code, Microsoft … Redmond, Washington-based Microsoft has become a significant vendor of cloud and security software and services, including to large government agencies, making its reputation for network protection critical to sales. Microsoft says internal probe finds malicious SolarWinds code, no sign of further impact yet, How the SolarWinds hackers are targeting cloud services in unprecedented cyberattack, ‘The week has literally exploded’: Tech security startups grapple with SolarWinds fallout, SolarWinds hack: What we know, and don’t know, so far, Clap your mittens: Bernie Sanders makes his way to Seattle in meme that is taking over social media, Report: Bill Gates is largest owner of private farmland in U.S., with acreage across 18 states, ‘I feel great’: Bill Gates shares photo of himself getting first dose of COVID-19 vaccine, Microsoft campus near Seattle will be used to administer COVID-19 vaccine, Like what you're reading? SolarWinds is a Microsoft Office 365 customer, and said in a Dec. 14 regulatory filing that it was “made aware of an attack vector that was used to compromise the Company’s emails and may have provided access to other data contained in the Company’s office productivity tools.” SolarWinds said it was working with Microsoft to investigate whether this attack was associated with the attack on its Orion software build system. The sophisticated attacks are believed to be the work of the same Russian hacking group responsible for the 2016 attacks on the Democratic National Committee. The U.S. Cybersecurity and Infrastructure Security Agency said previously that the attacks pose “a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.”, In its Thursday post, Microsoft says its internal practices start with the assumption that a hacker will gain access in a breach, and work to prevent further infiltration or damage. ET First Published: Jan. 22, 2021 at 4:48 p.m. “It’s alarming because it is so sophisticated, its reach is so broad and it’s reckless -- it put at risk the technology supply chain for the global economy,” he said. Microsoft’s Role In SolarWinds Breach Comes Under Scrutiny. Amid its investigation of its own networks, Microsoft also had 500 employees helping customers monitor and cope with the attack. The company is a customer of SolarWinds Corp., whose software the hackers are believed to have used to gain access to networks by installing malicious code. The software giant’s involvement emerged as the wider repercussions of the far-reaching hack became more clear. An NSA advisory released on 17 December 2020 referenced Microsoft products such as Azure and Active Directory, which the technology giant later confirmed.. Microsoft Falls Victim to SolarWinds Hack Like with the cyberattack of SolarWinds, hackers … An ongoing investigation into the SolarWinds hack resulted in Microsoft finding evidence its source code was seen during the course of the campaign being carried out, the company explained. SolarWinds, based in Austin, Texas, said about 18,000 customers may have installed the compromised software. Microsoft has separately made a series of aggressive moves to stymie the attacks, taking steps to safeguard Windows from the hacks, while seizing control of a key domain used in the attacks. Russia-Linked Hack Spread Via New Malware, Security Experts... Roubini Expects Violence, Cyber Attacks During Biden’s Term, WhatsApp’s New Terms Spur Downloads of Messaging Rivals. Microsoft Corp. was wrapped into a massive cybersecurity attack late last year, but the unprecedented intrusion may actually end up being a positive for the company's bottom line. Read more: Hackers Tied to Russia Hit U.S. Nuclear Agency, Three States. SolarWinds Hackers Gain Access To Microsoft’s Source Code. Five new SolarWinds hack victims came to light today Microsoft now joins a list of high-profile entities that have been hacked via a backdoored update for the SolarWinds … This identifies customers who use Defender and who installed versions of SolarWinds’ Orion software containing the attackers’ malware. WATCH: Microsoft President Brad Smith discusses the cyber attack on "Bloomberg Technology.". The nature of the initial phase of the attack and the breadth of supply chain vulnerability is illustrated clearly in the map below, which is based on telemetry from Microsoft’s Defender Anti-Virus software. The U.S. nuclear weapons agency and at least three states were also hacked. Cyber Firm SonicWall Says It Was Victim of ‘Sophisticated’ H... Parler’s New Partner Has Ties to the Russian Government. The hackers were meticulous in covering their tracks. One Microsoft account compromised by suspected Russian hackers had been used … Microsoft Corp. said its systems were exposed to the malware used in the Russia-linked hack that targeted U.S. states and government agencies, adding that investigations so far show the malicious software wasn’t used to attack others and didn’t impact customer data or outward-facing systems. The departments of Homeland Security, Treasury, Commerce and State were breached, according to a person familiar with the matter. After the SolarWinds trojan was delivered to organizations, the attackers spent about a month pinpointing victims, according to Microsoft. Cybersecurity firm Malwarebytes this week revealed that it too was targeted by the SolarWinds hackers — not through SolarWinds software, but by abusing applications with privileged access to Microsoft 365 and Azure environments. Microsoft and a coalition of tech companies have intervened today to seize and sinkhole a domain that played a central role in the SolarWinds hack, … The U.S. Defense Department has awarded Microsoft a $10 billion cloud-computing contract, which is currently being contested in court by rival bidder Amazon.com Inc. Have a confidential tip for our reporters? Microsoft has become ensnared in probes surrounding the colossal U.S. government hack, … Hackers were able to infiltrate business and government computer systems by illicitly inserting malware into software updates for a widely used IT infrastructure management product, the Solarwinds Orion Platform. Separately, Microsoft said Thursday in a blog post about the broader cyber-attack that it identified and has been working this week to notify more than 40 customers that the hackers targeted more precisely and compromised through additional and sophisticated measures.