Microsoft says it found malicious software in its systems

219 点作者 0xedb超过 4 年前

23 条评论

AareyBaba超过 4 年前

Statement from Microsoft President here on security<a href="https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/" rel="nofollow">https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberat...</a>"One of the more chilling developments this year has been what appears to be new steps to use AI to weaponize large stolen datasets about individuals and spread targeted disinformation using text messages and encrypted messaging apps.""a second evolving threat, namely the growing privatization of cybersecurity attacks through a new generation of private companies, akin to 21st-century mercenaries.""As humanity raced to develop vaccines, Microsoft security teams detected three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for Covid-19.""One indicator of the current situation is reflected in the federal government’s insistence on restricting through its contracts our ability to let even one part of the federal government know what other part has been attacked. Instead of encouraging a “need to share,” this turns information sharing into a breach of contract. It literally has turned the 9/11 Commission’s recommendations upside down."

评论 #25465833 未加载

评论 #25466767 未加载

blhack超过 4 年前

How will this even begin to be remediated (the broader hack that is coming to light right now)?It seems like malicious actors had unrestricted access to almost every major computer system in the US Government, and now possibly microsoft itself as well?How are these people ever going to be able to trust any of this equipment ever again? This just seems unbelievably catastrophic.

评论 #25463197 未加载

评论 #25462664 未加载

评论 #25463057 未加载

评论 #25464247 未加载

评论 #25463260 未加载

评论 #25468036 未加载

评论 #25463202 未加载

评论 #25463216 未加载

评论 #25463176 未加载

yborg超过 4 年前

Microsoft has now categorically denied it."We have no indication of this," company President Brad Smith told New York Times reporter Nicole Perlroth. Perlroth said the company stood by a statement it issued on Sunday saying it had no indication of a vulnerability in any Microsoft product or cloud service in its investigations of the hacking campaign."

评论 #25462358 未加载

评论 #25464269 未加载

评论 #25463529 未加载

dgudkov超过 4 年前

>The U.S. National Security Agency issued a rare “cybersecurity advisory” Thursday detailing how certain Microsoft Azure cloud services may have been compromised by hackersI believe there is common overestimation of security of cloud providers. Microsoft Azure was just breached and that's only what we know. There might be breaches at other cloud providers we're not aware of.Centralization creates an exponentially growing incentive for bad actors. Decentralization has been given up too soon.

chrononaut超过 4 年前

It is always events like these that make me ponder if the Internet will devolve into regional Internets, which still wouldn't necessarily prevent or stop any determined attacker from performing these types of attacks. So perhaps it's never.

评论 #25463133 未加载

评论 #25463444 未加载

评论 #25463019 未加载

shiado超过 4 年前

Does anybody have any details on the Russia attribution? Not looking to start political flame bait here just curious what details are out there.

评论 #25463039 未加载

评论 #25463074 未加载

评论 #25463167 未加载

评论 #25463452 未加载

markus_zhang超过 4 年前

I wonder when we will hear the news that all major clouds have been breached and data has been leaking for months/years...would be interesting to see. My wet dream is that people ditch the cloud to hold their own infrastructures.

评论 #25463364 未加载

marcosdumay超过 4 年前

And, of course, unrestricted access to Microsoft leads to unrestricted access to nearly any company on the world.I need some popcorn.

评论 #25464181 未加载

nethunters超过 4 年前

The most scariest part from this is Homeland Security saying that Solarwinds wasn't the only vector used by the APT.

评论 #25462883 未加载

CyanLite4超过 4 年前

I’m hesitant to blame anyone before we understand the full scope. “Breached into Microsoft” could mean they hacked into a guest public WiFi access point.

seibelj超过 4 年前

And backdoors in everything is a good idea? This is beyond hilarious. The silver lining is that argument is 100% dead in the water going forwards.

评论 #25464031 未加载

评论 #25463034 未加载

评论 #25462987 未加载

评论 #25462800 未加载

评论 #25465358 未加载

HenryKissinger超过 4 年前

If you're a cybersecurity consultant, you can practically dictate your salary at this point. What's $3,000/hour to the government or a Fortune 500 to recover from a cyberattack like this?There must be a lot of all nighters behind the scenes.

评论 #25463076 未加载

coldcode超过 4 年前

Goes to show that you are only as secure as your weakest dependency. Allow and trust software into your organization built by a system protected by an obvious single factor password (which you didn't know about or ask) and no matter what else you did you are screwed.I worked at a healthcare company that stored its production credentials (with no login auditing) in a plain text file accessible by half the employees and contractors and when I complained that this was dumb (and violated HIPAA) was told "we passed our audits and we trust our employees".

sjg007超过 4 年前

I am not surprised, it's a dirty little secret in the software industry that we employ a lot of Russian and other potentially vulnerable Eastern European software contractors. Not to blame anyone specifically, I mean the threat could equally come from India or China. Or even a direct hack. It could also be an insider threat from an American as well. Since software development is a complicated profession, it takes a lot of intelligent oversight to ensure that critical paths are secure; especially as we migrate to cloud and site wide solutions.

评论 #25463469 未加载

maest超过 4 年前

What is the actual evidence that the hack was done by Cozy Bear/APT29/Russia?I keep seeing this information repeated all over the place, but no mention of how that is actually known.

评论 #25467960 未加载

ohuf超过 4 年前

Here's the link to the NSA Cyber Advisory mentioned in the article: <a href="https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2434988/russian-state-sponsored-malicious-cyber-actors-exploit-known-vulnerability-in-v/" rel="nofollow">https://www.nsa.gov/News-Features/Feature-Stories/Article-Vi...</a>

hellodang超过 4 年前

Microsoft is working on the big government cloud solution defense contract, JEDI. Certainly a prime target for state actors.

foxhop超过 4 年前

I'm buying FEYE stock.

评论 #25465036 未加载

评论 #25471606 未加载

yters超过 4 年前

The more lockdown the more lucrative big hacks become.

moocowtruck超过 4 年前

hopefully private repos on github are safe

评论 #25462982 未加载

评论 #25462748 未加载

Shared404超过 4 年前

> Still, another person familiar with the matter said the Department of Homeland Security (DHS) does not believe Microsoft was a key avenue of fresh infection.Thoughts on this? It seems unlikely to me that someone who compromises literally the enterprise desktop OS manufacturer isn't going to take advantage of the situation.

评论 #25465345 未加载

desktopninja超过 4 年前

I wonder how much social engineering played a part in this?

seanwilson超过 4 年前

[Edit: Question was answered in article]

评论 #25462823 未加载