Hmm wow i remember some people getting on this website and saying that this was not the case, hmm how about that https://t.co/MN0VjTO5ac

— Greg Otto (@gregotto) December 31, 2020

More shoes keep dropping from the #SolarWindsHack fallout. Many more to come yet https://t.co/gLa8fmUCWC

— Dmitri Alperovitch (@DAlperovitch) December 31, 2020

After initially issuing a statement that dismissed reports that it had been hacked, Microsoft now admits that hackers breached its network and viewed (but didn't modify) its products' source code as part of the SolarWinds affair. https://t.co/33vKc3FnHe

— Eric Geller (@ericgeller) December 31, 2020

NEW: Microsoft says SolarWinds hackers successfully viewed source code, accessed network, did not breach products/cloud or use its systems to attack other targets. https://t.co/U2iSsm47FS

— Nicole Perlroth (@nicoleperlroth) December 31, 2020

As MSFT notes in their blog post, they have embraced an open source threat modeling approach - assume the code will become open and don't tie security to secrecy.

With some companies, you might hear that and call BS. Don't do that here. 3/ https://t.co/OA70Ivs9NM pic.twitter.com/frl01tZOaX

— Jake Williams (@MalwareJake) December 31, 2020

Microsoft new info on its SW infection. “We detected unusual activity with a small number of internal accounts...one...had been used to view source code in...source code repositories. The account did not have permissions to modify any code or... systems... https://t.co/SISXVEgpEm

— Kim Zetter (@KimZetter) December 31, 2020

Microsoft Says Russian Hackers Viewed Some of Its Source Code - The New York Times // HNY https://t.co/29ACq2Bghd

— Steven Sinofsky (@stevesi) December 31, 2020

What a better chance for Microsoft to go fully open source ? https://t.co/77n5H9QWS4

— Nima Fatemi (@mrphs) December 31, 2020

Microsoft updates on its SolarWinds-related investigation (Solorigate/SUNBURST) saying, more or less, coast is clear on its end. https://t.co/pVkHczq35Z

— Tim Starks (@timstarks) December 31, 2020

This story is getting a lot of attention. Let me quickly break down for followers not in offensive security what it means.

This is not great, but *the sky isn't falling*. Anyone who says this will immediately result in {thing} is uninformed (or worse) 1/https://t.co/1eaBeiEb3V

— Jake Williams (@MalwareJake) December 31, 2020

Our story, with a focus on some of the unanswered questions:

- What repositories were accessed?
- How long did the hackers have access?
- And, as @ronen_sl puts it:

“Was this recon for the next big operation?”https://t.co/w6x2eviGM6

— Raphael Satter (@razhael) December 31, 2020

As grim as it sounds, MSFT (*unlike Apple and other cos) doesn't rely on the secrecy of source code for security, so employees can readily view source code and its threat model assumes attackers have access to it. But it does expand the scope of the attack.

— Nicole Perlroth (@nicoleperlroth) December 31, 2020

Grab your popcorn folks, 2021 is going to be lit.https://t.co/1eaBeiEb3V

— Jake Williams (@MalwareJake) December 31, 2020

New Microsoft alert on SolarWinds breach: “we discovered 1 account had been used to view source code in a number of source code repositories. The account did not have permissions to modify any code” — MSFT says its services & customer data aren’t at risk. https://t.co/O1YM77iW6f

— Shannon Vavra (@shanvav) December 31, 2020

New: Microsoft says #SolarWinds hackers were able to access "a number of source code repositories."

However, the company adds that it "found no indications that our systems were used to attack others."https://t.co/INlfkBxoAk pic.twitter.com/kJwTxR2oKt

— Raphael Satter (@razhael) December 31, 2020

Microsoft Says Russian Hackers Viewed Some of Its Source Code. The hackers gained more access than the company previously revealed, though the attackers were unable to modify code or access emails. https://t.co/rY8fV7tRJ7

— Jesse Damiani (@JesseDamiani) December 31, 2020

Microsoft says its investigation into malicious SolarWinds code in its systems found no evidence attackers used that to forge single sign-on tokens for its corporate domains. But it did find the intruders viewed (but didn't alter) Microsoft source code. https://t.co/JmneYxbp1D

— briankrebs (@briankrebs) December 31, 2020

Providing transparency about the Solarigate incident: https://t.co/hGBTNc6bud

— Frank X. Shaw (@fxshaw) December 31, 2020

Microsoft said the suspected Russian hackers behind the stunning breach of numerous U.S. government agencies also accessed the company’s internal source code https://t.co/o7wJu1d83h via @technology

— William Turton (@WilliamTurton) December 31, 2020

Microsoft says SolarWinds hackers viewed source code https://t.co/m7KcO14BT9

— Anonymous Operations (@AnonOpsSE) January 1, 2021

Microsoft admitted Thursday that the suspected Russian government hackers’ presence in its environment went beyond the software giant simply downloading malicious SolarWinds Orion code. https://t.co/GwrNh3liAs #SolarWindsHack #SolarWinds $MSFT pic.twitter.com/ejnA7VQ9Qa

— CRN (@CRN) December 31, 2020

Context is important here: ”we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code.” https://t.co/dPTvwEhCVA https://t.co/zjMQ6188pi

— Veli-Pekka Kivimäki (@vpkivimaki) December 31, 2020

Microsoft Internal Solorigate Investigation Update – Our investigation has found no evidence of access to production services or customer data. The investigation, which is ongoing, has also found no indications that our systems were used to attack others. https://t.co/0dH0vxw2VX

— ŋıŋʝąƈąɬ? (@RavivTamir) January 1, 2021

Microsoft Internal Solorigate Investigation Update: “We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories.” https://t.co/P7cwnV39lF

— 780th Military Intelligence Brigade (Cyber) (@780thC) January 1, 2021

"This means we do not rely on the secrecy of source code for the security of products, and our threat models assume that attackers have knowledge of source code. So viewing source code isn’t tied to elevation of risk." (2/2)https://t.co/OsgOOxwszR

— Zack Whittaker (@zackwhittaker) December 31, 2020

Upon review, Microsoft now says SolarWinds hackers viewed its internal source code. Different tone from prior strident denials it was hacked. https://t.co/vkouxDRevJ

— Joseph Menn (@josephmenn) December 31, 2020

Glad to see that Microsoft claims that the secrecy of code source is not a security measure. I’m impressed of their evolution from the Halloween documents written against open source in the nineties to become a company more oriented towards open source... https://t.co/YohQFA38Aq pic.twitter.com/mmaarZUaiY

— Alexandre Dulaunoy (@adulau) December 31, 2020

Microsoft discloses discovery of an internal compromise related to its Solarigate investigation, but does not link it to SolarWinds itself and says no evidence of ability to change code. Seems purposely vague, potentially to not tip off other threat actors https://t.co/uyRkCCnhew

— SwiftOnSecurity (@SwiftOnSecurity) December 31, 2020

Microsoft Internal Solorigate Investigation Update. (SolarWinds hackers were able to access M... https://t.co/X1E3FoJxAm #programming #softwareengineering #bigdata #datascience #analytics #ai #python #javascript

— Lewis Gavin (@GavLaaaaaaaa) January 1, 2021

Microsoft update on Internal Solorigate Investigation has a significantly different tone than before and now this “we discovered one account had been used to view source code in a number of source code repositories.” Read the whole thing https://t.co/wb4b6rduxX

— Jorge Orchilles ? (@jorgeorchilles) December 31, 2020

ALL fed agencies operating versions of the SolarWinds Orion platform other than those identified as “affected versions”
req to use at least SolarWinds Orion Platform v 2020.2.1HF2
NSA examined this version verified it eliminates identified malicious codehttps://t.co/NDDBAtj3xk

— File411 (@File411) December 30, 2020

DHS have issued an update to emergency directive on SolarWinds - by tomorrow, all federal networks using Orion must upgrade to latest version of product (regardless of earlier versions) https://t.co/hfzyreAAJm

— Kevin Beaumont (@GossiTheDog) December 30, 2020

Solorigateの件、MS社でも調査をつづけており、続報のブログをだしています。情報アップデートがかけられていますので、適宜ご確認を：Microsoft Internal Solorigate Investigation Updatehttps://t.co/YT3truGZAS

— Yurika (@EurekaBerry) January 2, 2021

Microsoft Internal Solorigate Investigation Update (SolarWinds hackers were able to access Microsoft source code) : https://t.co/VBiJ3QBMr7

— Binni Shah (@binitamshah) January 1, 2021

Do you understand why this sub sentence is important?

“...related to the abuse of forged SAML tokens against our corporate domains.”https://t.co/Bqpc1lMdyf
Welp Microsoft has one incredibly powerful weapon in its arsenal
see EDVA cases re MS & Domains??https://t.co/a40GeC3yk5 pic.twitter.com/Tu8Wpogu1Q

— File411 (@File411) December 31, 2020

GOOD LORDT:
”..attempted activities beyond just the presence of malicious SolarWinds code in our environment. This activity has not put at risk the security of our services or any customer data....we believe is a very sophisticated nation-state actor”https://t.co/Bqpc1lMdyf pic.twitter.com/ci3M82ZVO8

— File411 (@File411) December 31, 2020

New update from @Microsoft: ”we do not rely on the secrecy of source code for the security of product” ??? Other SW companies too shoud also not using security by obscurity. #cybersec #infosec #Solorigate https://t.co/BBbKDK0MEm

— $℮ß@ṧ☂ḯαη - CyberSec/Azure/Management (@zeboul0n) January 1, 2021

“Microsoft Says Russian Hackers Viewed Some of Its Source Code. The hackers gained more access than the company previously understood, though they were unable to modify code or get into its products and emails.” https://t.co/suQ7ieMDKu https://t.co/KmddVANfrq

— Frederik Zuiderveen Borgesius (@fborgesius) January 1, 2021

And the MS statement on it https://t.co/1X6X3FuqL6

— Pwn All The Things (@pwnallthethings) December 31, 2020

update from microsoft on solarwinds breach "We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories" https://t.co/58ImOb50hV

— Kurt Baumgartner (@k_sec) January 1, 2021

Glad MS said something about this publicly, transparency is important.

Microsoft Internal Solorigate Investigation Update https://t.co/LDpKVyQrUM

— Kevin Beaumont (@GossiTheDog) December 31, 2020

"Our #investigation into our own environment has found no evidence of access to production services or #customer #data…no indications that our systems were used to attack others." https://t.co/sFpY9uVDe8 #Microsoft #SolarWinds #hackers #sourcecode #CyberAttacks #CyberSecurity

— Morris Pondfield (@mpondfield) January 1, 2021

Microsoft new info on its SW infection. “We detected unusual activity with a small number of internal accounts...one...had been used to view source code in...source code repositories. The account did not have permissions to modify any code or... systems... https://t.co/SISXVEgpEm

— Kim Zetter (@KimZetter) December 31, 2020

As MSFT notes in their blog post, they have embraced an open source threat modeling approach - assume the code will become open and don't tie security to secrecy.

With some companies, you might hear that and call BS. Don't do that here. 3/ https://t.co/OA70Ivs9NM pic.twitter.com/frl01tZOaX

— Jake Williams (@MalwareJake) December 31, 2020

SolarWinds hackers were able to view Microsoft source codehttps://t.co/X4t7sox0el pic.twitter.com/UyDifG3dew

— Gregg Housh (@GreggHoush) January 1, 2021

SolarWinds hackers accessed Microsoft source code https://t.co/ZfIYEN8JYj #tech #feedly #CES2021 #CyberSecurity

— Nicolas Babin #CES2021 (@Nicochan33) January 1, 2021