Malwarebytes CEO Marcin Kleczynski said the same nation-state attackers breached the company, but not through the compromised SolarWinds Orion platform (which they don’t use) A fourth malware strain, Teardrop, has been detailed by Symantec researchers. FireEye researchers have also released an auditing script for organizations to check Microsoft 365 tenants for signs of intrusion. The attackers used lateral movement techniques to move laterally from targets’ on-premises networks to the Microsoft 365 cloud.
Source: https://www.helpnetsecurity.com/2021/01/20/malwarebytes-breached/