San Francisco, March 6 (Ians) In yet another big cyber-attack after SolarWinds, at least 30,000 organisations across the US, including government and commercial firms have been hacked by China-based threat actors who used Microsoft's Exchange Server software to enter their networks.
According to KrebsOnSecurity, the China-based espionage group exploited four vulnerabilities in Microsoft Exchange Server email software.
The vulnerabilities allowed hackers to gain access to email accounts, and also gave them the ability to install malware, according to Microsoft which reported about the China-based threat actors but did not reveal the scale at which tens of thousands of organisations have been hit.
Two cybersecurity experts who have briefed US national security advisors on the attack told KrebsOnSecurity the Chinese hacking group seized control over "hundreds of thousands" of Microsoft Exchange Servers worldwide.
Exchange Server is primarily used by business customers.
Microsoft has released several security updates to fix the vulnerabilities, advising...
According to KrebsOnSecurity, the China-based espionage group exploited four vulnerabilities in Microsoft Exchange Server email software.
The vulnerabilities allowed hackers to gain access to email accounts, and also gave them the ability to install malware, according to Microsoft which reported about the China-based threat actors but did not reveal the scale at which tens of thousands of organisations have been hit.
Two cybersecurity experts who have briefed US national security advisors on the attack told KrebsOnSecurity the Chinese hacking group seized control over "hundreds of thousands" of Microsoft Exchange Servers worldwide.
Exchange Server is primarily used by business customers.
Microsoft has released several security updates to fix the vulnerabilities, advising...
- 6/3/2021
- de Glamsham Bureau
- GlamSham
New Delhi, March 3 (Ians) Microsoft has warned its customers against a new sophisticated nation-state cyber attack that has its origin in China and is primarily targeting on-premises 'Exchange Server' software of the tech giant.
Called "Hafnium," it operates from China and is attacking infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks and NGOs in the US for the purpose of exfiltrating information.
"While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (Vps) in the US," said Tom Burt, Corporate Vice President, Customer Security and Trust at Microsoft.
The Microsoft Threat Intelligence Center (Mstic) found that "Hafnium" would first gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access.
"Second, it would create what's called a web shell to control the compromised server remotely.
Called "Hafnium," it operates from China and is attacking infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks and NGOs in the US for the purpose of exfiltrating information.
"While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (Vps) in the US," said Tom Burt, Corporate Vice President, Customer Security and Trust at Microsoft.
The Microsoft Threat Intelligence Center (Mstic) found that "Hafnium" would first gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access.
"Second, it would create what's called a web shell to control the compromised server remotely.
- 3/3/2021
- de Glamsham Bureau
- GlamSham
IMDb.com, Inc. no asume ninguna responsabilidad por el contenido o la precisión de los artículos de noticias, Tweets o publicaciones de blog anteriores. Este contenido se publica únicamente para el entretenimiento de nuestros usuarios. Los artículos de noticias, Tweets y publicaciones de blog no representan las opiniones de IMDb ni podemos garantizar que los informes en ellos sean completamente objetivos. Visita la fuente responsable del artículo en cuestión para informar cualquier inquietud que puedas tener con respecto al contenido o la precisión.