The suspected Russian hackers behind the worst U.S. cyberattack in years used reseller access to Microsoft Corp. services to penetrate targets that had no compromised network software from SolarWinds Corp., investigators said.Updates to SolarWinds’ Orion software were the only known point of entry until Thursday, when security company CrowdStrike Holdings Inc. said hackers had gained access to the vendor that sold it Office licenses and had used that to try to read CrowdStrike’s email. It did not specifically identify the hackers as being the ones that compromised SolarWinds, but two people familiar with CrowdStrike’s investigation said they were.CrowdStrike uses Office programs for word processing but not email. The failed attempt, made months ago, was pointed out to CrowdStrike by Microsoft on December 15.CrowdStrike, which does not use SolarWinds, said it had found no impact from the intrusion attempt and declined to name the reseller.”They got in through the reseller’s access and tried to enable mail ‘read’ privileges,” one person familiar with the investigation told Reuters. “If it had been using Office 365 for email, it would have been game over.”Many Microsoft software licenses are sold through third parties, and those companies can have near-constant access to clients’ systems as the customers add products or employees.Be on guardMicrosoft said Thursday that those customers need to be vigilant.”Our investigation of recent attacks has found incidents involving abuse of credentials to gain access, which can come in several forms,” said Microsoft senior director Jeff Jones. “We have not identified any vulnerabilities or compromise of Microsoft product or cloud services.”The use of a Microsoft reseller to try to break into a top digital defense company raises new questions about how many avenues the hackers, whom U.S. officials have alleged are operating on behalf of the Russian government, have at their disposal.FILE – This Feb. 11, 2015, photo shows FireEye offices in Milpitas, Calif.The known victims so far include CrowdStrike security rival FireEye Inc. and the U.S. departments of Defense, State, Commerce, Treasury and Homeland Security. Other big companies, including Microsoft and Cisco Systems Inc., said they found tainted SolarWinds software internally but had not found signs that the hackers used it to range widely on their networks.Until now, Texas-based SolarWinds was the only publicly confirmed channel for the initial break-ins, although officials have been warning for days that the hackers had other ways in.Microsoft reportReuters reported a week ago that Microsoft products were used in attacks. But federal officials said they had not seen it as an initial vector, and the software giant said its systems were not utilized in the campaign.
Microsoft then hinted that its customers should still be wary. At the end of a long, technical blog post Tuesday, it mentioned seeing hackers reach Microsoft 365 Cloud “from trusted vendor accounts where the attacker had compromised the vendor environment.”Microsoft requires its vendors to have access to client systems in order to install products and allow new users. But discovering which vendors still have access rights at any given time is so hard that CrowdStrike developed and released an auditing tool to do that.After a series of other breaches through cloud providers, including a major set of attacks attributed to Chinese government-backed hackers and known as CloudHopper, Microsoft this year imposed new controls on its resellers, including requirements for multifactor authentication.The Cybersecurity and Infrastructure Security Agency and the National Security Agency had no immediate comment.Also Thursday, SolarWinds released an update to fix the vulnerabilities in its flagship network management software Orion following the discovery of a second set of hackers who had targeted the company’s products.That followed a separate Microsoft blog post Friday saying that SolarWinds’ software had been targeted by a second and unrelated group of hackers in addition to those linked to Russia.The identity of the second set of hackers, or the degree to which they may have successfully broken in anywhere, remains unclear.Russia has denied having any role in the hacking.
…
Day: December 24, 2020
Mexico became the first Latin American country Thursday to launch a COVID-19 vaccination initiative, offering hope to a nation that has lost some 120,000 people to the pandemic. Maria Irene Ramirez, the 59-year-old head nurse at the intensive care unit at Mexico City’s Ruben Lenero hospital, was the first to get the Pfizer-BioNTech vaccine, in keeping with the country’s strategy to focus first on health care workers. “This is the best gift that I could have received in 2020,” Ramirez said after being inoculated in a ceremony broadcast by national media. Chile will immediately start inoculations of health care workers after receiving the first 10,000 doses of a 10-million dose order of the Pfizer-BioNtech vaccine on Thursday, officials said. Also on Thursday, Costa Rica was preparing to vaccinate two senior citizens in a home near San Jose with the vaccine, while Argentina received about 300,000 doses of Russia’s Sputnik V vaccine. The first batch of the Pfizer-BioNTech COVID-19 vaccine arrives at the Juan Santamaria International Airport, as the coronavirus disease (COVID-19) outbreak continues, in Alajuela, Costa Rica, Dec. 23, 2020.In the USThe United States is about to complete its second week of vaccinations with about 1 million inoculations, mainly among health care workers and elderly residents of nursing homes. The numbers, however, are far short of the goal set by Operation Warp Speed, the federal government’s effort to mass produce millions of doses of vaccines, to inoculate 20 million Americans by the end of the year. U.S. Operation Warp Speed chief adviser Dr. Moncef Slaoui has warned that it would take longer to administer the doses. “The commitment that we can make is to make vaccine doses available,” Slaoui said during a press call. “How fast the ramp-up of immunizations, the shots in arms, is happening is slower than we thought it would be.” The Trump administration has reached a deal worth $2 billion to secure an additional 100 million doses of the Pfizer-BioNTech vaccine, which would boost the nation’s supply to 200 million doses by mid-July 2021. With surges throughout the U.S. leading to 327,000 COVID-19 deaths and 18.5 million coronavirus infections, according to Johns Hopkins University, the speed with which immunizations can be administered becomes increasingly important.Intensive Care Unit Nurse Merlin Pambuan, 66, is cheered by hospital staff as she walks out of the hospital where she spent eight months with COVID-19, at Dignity Health – St. Mary Medical Center, in Long Beach, California, Dec. 21, 2020. California became the first U.S. state Thursday to record 2 million coronavirus cases. The grim Christmas Eve milestone was reached as the state was under a strict stay-at-home order and hospitals were overwhelmed with the largest number of infections since the pandemic began more than nine months ago. The coronavirus causes the COVID-19 disease. Sinovac vaccineBrazilian researchers said Wednesday the coronavirus vaccine developed by Chinese drug maker Sinovac Biotech was found to be more than 50% effective in a late-stage clinical trial. But officials at the state-run research institute Butantan say they are withholding the results of the trial at Sinovac’s request, raising issues once again about the lack of transparency involving the vaccine’s development. Tests of the Sinovac vaccine, dubbed CoronaVac, were halted last month after an “adverse, serious event” involving a volunteer participant in late October. Sinovac is one of many drug makers around the world that have been racing to develop a safe and effective vaccine against COVID-19, which has killed more than 1.7 million people out of more than 79 million confirmed infections, according to the Johns Hopkins University’s Coronavirus Resource Center. New variantChina on Thursday became the latest country to suspend all travel with Britain after the discovery of a new and more contagious strain of the novel coronavirus. The new variant has swept through southern Britain in recent weeks, prompting British Prime Minister Boris Johnson to impose more restrictive lockdown measures in some parts of the country ahead of Christmas Day.
…
Brazilian researchers said Wednesday the coronavirus vaccine developed by Chinese drug maker Sinovac Biotech was found to be more than 50% effective in a late-stage clinical trial. But officials at the state-run research institute Butantan say they are withholding the results of the trial at Sinovac’s request, raising issues once again about the lack of transparency involving the vaccine’s development. Tests of the Sinovac vaccine, dubbed CoronaVac, were halted last month after an “adverse, serious event” involving a volunteer participant in late October. Sinovac is one of many drug makers around the world who have been racing to develop a safe and effective vaccine against COVID-19, which has killed more than 1.7 million people out of more than 78.7 million total confirmed infections, according to Johns Hopkins University’s Coronavirus Resource Center. Latin America received its first doses of COVID-19 vaccine on Wednesday, with a shipment landing in Mexico City. Sorry, but your browser cannot support embedded video of this type, you can
download this video to view it offline.Download File360p | 2 MB480p | 3 MB540p | 4 MB720p | 8 MB1080p | 16 MBOriginal | 50 MB Embed” />Copy Download AudioMexico Foreign Secretary Marcelo Ebrard was on hand when the flight carrying the Pfizer-BioNTech vaccine landed from Belgium. “Today is the beginning of the end of that pandemic,” Ebrard said. Mexico is scheduled to receive 1.4 million doses of the Pfizer-BioNTech vaccine. Officials on Wednesday did not say how large the shipment was, however, but said they planned to begin Thursday vaccinating health workers in Mexico City and Saltillo, in Mexico’s north. Other Latin American countries are expecting vaccine shipments or, as Argentina did on Wednesday, approving vaccines for use in their countries.The United States is about to complete its second week of vaccinations with about 1 million inoculations, mainly among health care workers and elderly residents of nursing homes. But the numbers are far short of the goal set by Operation Warp Speed, the federal government’s effort to mass produce millions of doses of vaccines, to inoculate 20 million Americans by the end of the year. U.S. Operation Warp Speed chief adviser Dr. Moncef Slaoui has warned that it would take longer to administer the doses. “The commitment that we can make is to make vaccine doses available,” Slaoui said during a press call. “How fast the ramp-up of immunizations, the shots in arms, is happening is slower than we thought it would be.”The Trump administration has reached a deal worth $2 billion to secure an additional 100 million doses of the COVID-19 vaccine developed by Pfizer-BioNTech, which would boost the nation’s vaccine supply to 200 million doses by mid-July 2021.New COVID-19 Variant More Infectious Than Other Strains, British Scientists Say Researchers says new strain first detected in southern Britain is also more transmissible in children; discovery has prompted dozens of countries to impose restrictions or temporary bans on travelers from BritainChina on Thursday became the latest country to suspend all travel with Britain after the discovery of a new and more contagious strain of the novel coronavirus. The new variant of the novel coronavirus has swept through southern Britain in recent weeks, prompting British Prime Minister Boris Johnson to impose more restrictive lockdown measures in some parts of the country ahead of Christmas Day.
…
The U.S. cybersecurity agency said on Wednesday that a sprawling cyber espionage campaign made public earlier this month is affecting state and local governments, although it released few additional details.The hacking campaign, which used U.S. tech company SolarWinds as a springboard to penetrate federal government networks, was “impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and other private sector organizations,” the Cybersecurity and Infrastructure Security Agency (CISA) said in a statement posted to its website.The CISA said last week that U.S. government agencies, critical infrastructure entities, and private groups were among those affected but did not specifically mention state or local bodies. So far only a handful of federal government agencies have officially confirmed having been affected, including the U.S. Treasury Department, the Commerce Department, and the Department of Energy.CISA did not identify the state or local agencies affected and did not immediately return an email seeking additional detail on the notice.Reuters has previously reported that Pima County, Arizona, was among the victims of the wave of intrusions.The county did not immediately return a message seeking comment late Wednesday. The county’s chief information officer previously told Reuters his team had taken its SolarWinds software offline immediately after the hack became public and that investigators had not found any evidence of a further compromise.Senior U.S. officials and lawmakers have alleged that Russia is to blame for the hacking spree, a charge the Kremlin denies.
…
Latin America received its first doses of COVID-19 vaccine on Wednesday, with a shipment landing in Mexico City.Mexico’s Foreign Secretary Marcelo Ebrard was on hand when the flight carrying the Pfizer-BioNTech vaccine landed from Belgium.”Today is the beginning of the end of that pandemic,” Ebrard said.Mexico is scheduled to receive 1.4 million doses of the Pfizer-BioNTech vaccine. Officials on Wednesday did not say how large the shipment was, however, but said they planned to begin vaccinating health workers in Mexico City and Saltillo, in Mexico’s north, on Thursday.Other Latin American countries are expecting vaccine shipments or, as Argentina did on Wednesday, approving vaccines for use in their countries.Also Wednesday, researchers found that people who had contracted COVID-19, the disease caused by the coronavirus, were much less likely to test positive again. Those people who developed antibodies were “at much lower risk” to get the disease again, and could remain virus free for up to six months or longer, the two studies found.Dr. Ned Sharpless, director of the U.S. National Cancer Institute, which conducted one of the studies, told the Associated Press that people who develop antibodies from natural infections develop “the same kind of protection you’d get from an effective vaccine. … It’s very, very rare” to get reinfected.The National Cancer Institute study involved more than 3 million people who had antibody tests. The NCI study found that only 0.3% of those who had antibodies later tested positive for the coronavirus, compared with 3% who lacked such antibodies, the AP reported.The second study, published Wednesday by the New England Journal of Medicine, involved a much smaller group. It followed 12,500 health workers, 1,265 of whom had coronavirus antibodies at the start. The study found that only two health workers tested positive in the following six months, and neither person developed symptoms, AP reported.U.S. Army General Gustave Perna, Operation Warp Speed chief operating officer, said Wednesday that the U.S. government would distribute nearly 4.7 million doses of the Pfizer-BioNTech and Moderna COVID-19 vaccines next week.By the end of the first week of January, Perna said, about 20 million vaccine doses will have been delivered throughout the United States.U.S. Operation Warp Speed chief adviser Dr. Moncef Slaoui warned, however, that it would take longer to administer the doses.”The commitment that we can make is to make vaccine doses available,” Slaoui said during a press call. “How fast the ramp-up of immunizations, the shots in arms, is happening is slower than we thought it would be.”Public data show that health care workers in the United States have received about 1 million shots so far, a small fraction of the total shipped. U.S. officials said there was a lag in vaccination data of several days, however.Chile’s Santiago international airport is employing sniffer dogs in detecting travelers with COVID-19.A team of golden retrievers and Labradors wear green “biodector” jackets adorned with red crosses.Passengers will be required to wipe their necks and wrists with gauze pads. Once placed in glass containers, the dogs, who have been trained to detect the coronavirus, will give a sniff.Dogs are being used in airports in the United Arab Emirates and Finland. A recent study found dogs can identify individuals who have COVID-19 with 85% to 100% accuracy.Chile’s Carabinero police trained the dogs.
…