As part of its ongoing investigations in the SolarWinds cyberattack, Microsoft has revealed that its internal source code was likely accessed by the attackers. What has Microsoft revealed in its new investigations? Microsoft says they rely on “open source software development best practices” and “an open source-like culture” for development of software. Typically, source code is viewable by teams within Microsoft, according to the blog. The company also notes that its threat models “assume that attackers have knowledge of source code.” Microsoft is downplaying the risk saying just viewing the source code should not cause any new elevated risks.

Source: Indian Express January 01, 2021 10:18 UTC