JUMP REPORT

(Bloomberg) — Suspected Russian hackers targeted the cybersecurity company Malwarebytes Inc. in the course of a sprawling cyber-attack that breached U.S. government agencies and companies.The attacker abused “applications with privileged access to Microsoft Office 365 and Azure environments,” according to a Tuesday blog post by Chief Executive Officer Marcin Kleczynski. He said the attack was part of the same hacking campaign that has utilized infected software from SolarWinds Corp. to target other organizations.“After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments,” Kleczynski wrote.U.S. intelligence agencies and the FBI have said the recent hacking campaign — which was found and disclosed by the cybersecurity firm FireEye Inc. in December — was likely undertaken by Russia. In many instances, attackers broke into systems through a compromised version of widely used software from Texas-based SolarWinds Corp.However, analysts have said that SolarWinds’s software wasn’t the only method the suspected Russian hackers used to breach networks. On Tuesday, the firm Symantec discovered a new form of malware used in the attack that wasn’t delivered through SolarWinds, suggesting the hack could be broader than previously understood. The firm CrowdStrike Inc. said the hackers had attempted to break into their networks by compromising a third-party vendor that resells Microsoft services. If a reseller is breached and has access to a client’s credentials, the attacker could then hack into the client’s networks.On Dec. 15, Microsoft alerted Malwarebytes about “suspicious activity from a third-party application” that was consistent with the behaviors of the hackers that had exploited SolarWinds. Upon investigation, Malwarebytes found “no evidence of unauthorized access or compromise in any of our internal on-premises and production environments,” he wrote.Jeff Jones, a Microsoft representative, said in a statement, “Our ongoing investigation of recent attacks has found this advanced and sophisticated threat actor had several techniques in their toolkit. We have not identified any vulnerabilities in our products or cloud services.”Malwarebytes’s disclosure is the latest example of the attackers targeting security companies in the course of the hacking campaign. They stole tools from FireEye and attempted to breach CrowdStrike, the companies said last month.“These attackers were clearly sophisticated and primarily targeted federal agencies and security companies, as far as I’m aware,” Kleczynski said in an email to Bloomberg News.FireEye’s investigation into its own breach last month revealed that the hackers had installed malicious code into SolarWinds’s Orion software, which is used by government agencies and Fortune 500 companies. The malicious code, which customers received by updating the software, provided a launching pad of sorts for further attacks by the hackers into computer networks.According to SolarWinds, as many as 18,000 of its customers may have received infected updates, though the hackers are believed to have conducted further intrusions in far fewer of them. Malwarebytes isn’t a SolarWinds customer.(Updates with Microsoft statement in seventh paragraph.)For more articles like this, please visit us at bloomberg.comSubscribe now to stay ahead with the most trusted business news source.©2021 Bloomberg L.P.

Zacks Market Edge Highlights: CrowdStrike Holdings, Zscaler, FireEye, Qualys and McAfee

New study finds organizations are spending more to account for widespread SOC challenges, yet they’re still dissatisfied with the outcomes.

NEW YORK, Jan. 06, 2021 (GLOBE NEWSWIRE) — Scott+Scott Attorneys at Law LLP (“Scott+Scott”), an international securities and consumer rights litigation firm, is investigating whether certain directors and officers of FireEye, Inc. (“FireEye”) (NASDAQ: FEYE) breached their fiduciary duties to FireEye and its shareholders. If you are a FireEye shareholder, you may contact attorney Joe Pettigrew for additional information toll-free at 844-818-6982 or jpettigrew@scott-scott.com. Scott+Scott is investigating whether FireEye’s board of directors or senior management failed to manage FireEye in an acceptable manner, in breach of their fiduciary duties to FireEye, and whether FireEye has suffered damages as a result.On December 8, 2020, FireEye disclosed that its cybersecurity systems were compromised. Evidence points to Russian intelligence agencies. The Federal Bureau of Investigations is actively investigating the breach.What You Can DoIf you are a FireEye shareholder, you may have legal claims against FireEye’s directors and officers. If you wish to discuss this investigation, or have questions about this notice or your legal rights, please contact attorney Joe Pettigrew toll-free at 844-818-6982 or jpettigrew@scott-scott.com.About Scott+ScottScott+Scott has significant experience in prosecuting major securities, antitrust, and consumer rights actions throughout the United States. The firm represents pension funds, foundations, individuals, and other entities worldwide with offices in New York, London, Amsterdam, Connecticut, California, and Ohio.Attorney AdvertisingCONTACT: Joe Pettigrew Scott+Scott Attorneys at Law LLP 230 Park Avenue, 17th Floor, New York, NY 10169 844-818-6982 jpettigrew@scott-scott.com

FireEye to release financial results for Q4 and the 2020 fiscal year on February 2, 2021.