When customers updated the SolarWinds software — much like updating an iPhone overnight — they were unknowingly letting in an invader. Microsoft noted that the attack differed “significantly” from the SolarWinds hack, using new tools and tradecraft in an apparent effort to avoid detection. That is why Microsoft took the unusual step of naming the agency whose email addresses were being used and of publishing samples of the fake email. In essence, the Russians got into the Agency for International Development email system by routing around the agency and going directly after its software suppliers. Constant Contact manages mass emails and other communications on the aid agency’s behalf.

Source: International New York Times May 28, 2021 04:07 UTC