Report: Vulnerability in SolarWinds hack dismissed by Microsoft

14 June 2024

Microsoft was reported by ProPublica to have ignored warnings by former employee Andrew Harris regarding the presence of the Golden SAML vulnerability in its Active Directory Federation Services offering years before it had been leveraged to facilitate the widespread SolarWinds software supply chain hack in 2020, according to CRN. With the infection of SolarWinds Orion software resulting in the compromise of numerous organizations around the world, including the National Nuclear Security Administration and the National Institutes of Health, more urgent Microsoft action may have helped avert Golden SAML flaw exploitation, noted the ProPublica report, the findings of which were not challenged by Microsoft.

Source: SC Magazine

Date:

14 June 2024

Categorie(s):

NEWS

Tag(s):

Microsoft, Network Security, Security Pro, SolarWinds, Vulnerability

Internet Archive Secures Zendesk Account, Works Toward Full-Service Restoration23 October 2024
Ghosts in the Machines: NHIs spread terror this Halloween 23 October 2024
Grayscale Investments Data Breach Exposes 693K User Records Reportedly Affected23 October 2024
Researchers Reveal ‘Deceptive Delight’ Method to Jailbreak AI Models23 October 2024
US Government Pledges to Cyber Threat Sharing Via TLP Protocol23 October 2024