Bulletins

Russian hackers targeted 140 US tech companies — and breached 14 of them

A new Microsoft report says basic security protocols can help companies protect against attacks.

Hacker looks for backdoors

Russian-linked SolarWinds hackers have targeted more than 100 U.S. tech companies.

Photo: Eclipse Images via Getty Images

Guessing poor passwords and basic email phishing attacks really seem to work, according to a report out from Microsoft today that the Russian hackers behind the SolarWinds attack have been using this basic technique to successfully breach as many as 14 U.S.-based companies.


The SolarWinds hackers, known as Nobelium and previously identified as part of Russia's foreign intelligence service, have been actively trying to attack more than 140 U.S.-based companies since May, according to the release. Microsoft believes it has identified the successful breaches early enough to help the companies prevent the hackers from being more successful. The Biden administration tried to punish the Russian government when the hackers were linked to the SolarWinds attack in 2020, but the Microsoft report shows those warnings have gone unheeded.

"This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government," Tom Burt, the corporate vice president for customer security and trust at Microsoft, wrote in today's announcement.

The company also released guidance for tech and IT companies to protect themselves from further attacks, and most of the advice reminds these companies that multi-factor authentication, removing old administrator and user accounts and other basic security protocols can help protect against the fairly low-level hacking attempts that Microsoft has witnessed succeed.

Latest Bulletins

After an aborted effort to enter the server chip market about five years ago, Qualcomm has decided to make another attempt, according to Bloomberg News.

Keep Reading Show less

Some of the most popular reproductive health apps lack strong privacy labels and security practices, according to a report published by Mozilla Wednesday.

Keep Reading Show less

Microsoft has finally broken its silence on a sales figure secret its kept close to its chest for more than half a decade.

Keep Reading Show less

The U.S. Commerce Department has implemented an export control on advanced chip design software that’s necessary to produce next-generation processors, expanding on existing controls that target chipmaking tools with the goal of hampering Chinese efforts to build the most complex chips domestically.

Keep Reading Show less

What was supposed to be a blockbuster crypto merger has morphed into a legal brawl. Galaxy Digital said Monday that it has terminated its $1.2 billion bid to buy BitGo, which it accused of failing to produce “audited financial statements."

Keep Reading Show less

Andreessen Horowitz is betting big on Adam Neumann's return to the real estate startup game.

Keep Reading Show less

Unity rejected AppLovin's offer to buy the company in an all-stock deal valued at $20 billion and instead will move forward with a plan to buy ad tech and monetization software company ironSource, the company said Monday.

Keep Reading Show less

Marqeta shares fell about 25% Thursday after the company revealed a weak outlook and founder Jason Gardner said he would step down.

Keep Reading Show less

Atlantic states may have a head start in the offshore wind game, but California has a plan to catch up — and even surpass — them.

Keep Reading Show less

The Federal Trade Commission has officially begun the long-awaited process of regulating digital data by reining in "surveillance" and lax security in a move that could have sweeping consequences for Big Tech and industries far beyond.

Keep Reading Show less

Meta announced it is expanding end-to-end encryption in Messenger, just days after news broke that the company gave Nebraska law enforcement Messenger chats between a 17-year-old girl and her mother discussing a medical abortion. Meta told Wired the announcement and the Nebraska case are unrelated, however, Meta would not have been able to access the chats if the girl and mother had used end-to-end encryption.

Keep Reading Show less

Coinbase said the SEC is looking into different aspects of the crypto company’s business, including “existing and intended future products,” according to a regulatory filing.

Keep Reading Show less

Microsoft accused its gaming rival Sony of trying to hurt the success of its subscription gaming platform by signing contracts with game developers that prohibit distribution through Xbox Game Pass, according to a new regulatory filing published in Brazil. The news was first reported by gaming outlet VGC on Wednesday.

Keep Reading Show less

Disney is getting ready to introduce an ad-supported Disney+ plan in December and will use that occasion to significantly raise the price of its existing ad-free subscription tier.

Keep Reading Show less

The CFPB said Wednesday that it has imposed a $2.7 million fine on Hello Digit, an app that claims to help users put aside money for rainy days but that the regulator said messed up their finances.

Keep Reading Show less

Facebook gave law enforcement in Nebraska private messages sent between a mother and a 17-year-old girl, who are now facing several charges in the state relating to a medication abortion the girl had. Facebook was served a search warrant, which was obtained by Vice, asking for their private data as part of the state's investigation.

Keep Reading Show less

Video game software company Unity can get bought by AppLovin or merge with ironSource, but it can’t do both.

Keep Reading Show less

Coinbase posted dismal results Tuesday as the crypto powerhouse got slammed by a downturn that “came fast and furious.”

Keep Reading Show less

Over the weekend, the Senate passed the Inflation Reduction Act. The legislation is the largest investment in addressing climate change ever made at the federal level.

Keep Reading Show less

The U.S. has begun cracking down on imported goods from China that may have been made with Uyghur forced labor. That includes solar panels, which have been detained at the border or shipped back to China in recent weeks.

Keep Reading Show less

As pressure mounts on Big Tech to do more to protect the youngest users, Snap is launching a new family center that will allow parents to see who their kids are friends with on Snap and report suspicious accounts.

It’s part of a wave of new kid safety features being launched by tech giants, including Meta and Apple. But Snap has an arguably bigger hill to climb in implementing these features than either of those companies. To get parents of teens to use Snap’s parental controls, first, parents of teens need to actually use Snap.

Keep Reading Show less

North Korean hackers used Tornado Cash, a mixer platform for cryptocurrencies, to launder funds. That's according to the U.S. Treasury Department, which imposed sanctions on the USDC and ETH wallet addresses associated with the protocol Monday.

Keep Reading Show less

Google has filed a new patent infringement lawsuit against Sonos, alleging the violation of four patents. Most of the claims focus on voice assistant functionality; Google alleges that Sonos began violating its patents when Sonos introduced its own voice assistant this summer.

Keep Reading Show less

Twilio disclosed that a cyberattack involving the theft of employee credentials allowed attackers to access data from "a limited number" of customer accounts.

Keep Reading Show less

Block reported second-quarter earnings that just topped analysts’ estimates, but shares fell as investors digested the effect of the macroeconomic environment on the company’s core payments businesses. Bitcoin volume also dragged on total revenue.

Keep Reading Show less
Bulletins