Microsoft Says SolarWinds Hackers Exploit Customer Support Tools
Microsoft he says cybercriminals behind the SolarWinds The attack compromised the device of a Microsoft customer service agent to launch hacking attempts against his customers.
U device of the agent had access to Microsoft customer support tools and basic account information for a “small number of our customers”, which the pirate exploited to launch “highly targeted attacks as part of a wider campaign,” the company said he said in a blog post Friday. Microsoft’s Threat Intelligence Center has attributed the attacks to Nobel, the group of state-sponsored Russian hackers who have intruded into the networks of major federal agencies, IT companies and other entities around the world because of programs compromised by the Texas company, SolarWinds.
Microsoft he said he is aware of three entities which they were compromised in this phishing campaign, although she did not identify the victims. It is he has since dismissed the attacker access, secured the compromised device, and initiated the al processirritation all sliced customers by means of his notification of the Nation-State process, Microsoft said.
The agent, Microsoft said Reuters, had access to billing contact information and what services customers pay, among other data. It is he did not say whether the agent was a contract or a direct employee of Microsoft. Nobelium had access to the agent’s device during the second half of May, according to a press release to affected Microsoft customers reviewed by Reuters.
In warning, Microsoft he said customers to Be careful when communicating with billing contacts and to think about changing their usernames and email addresses, outlet reports. Microsoft also encouraged users on Friday to employ security practices such as Multi-factor authentication is cunero-trust architecture, a security model that treats all users as potential threats to their identities can be correctly authenticated. Apart from, Windows 11, which is scheduled to launch later this year, he needs one specific security function called a TPM, or trust platform module, on existing and new devices for update.