Microsoft Hacked UPDATE: Researcher Reveals China Owns the World, Thousand Servers Get Compromised Per Hour
techtimes.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from techtimes.com Daily Mail and Mail on Sunday newspapers.
Chinese Hacking Spree Hit an Astronomical Number of Victims
wired.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from wired.com Daily Mail and Mail on Sunday newspapers.
March 5, 2021
At least 30,000 organizations across the United States including a significant number of small businesses, towns, cities and local governments have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in
Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.
On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange.
Microsoft fixes four zero-day flaws in Exchange Server exploited by China s ‘Hafnium’ spies to steal victims data
Patch ASAP: Holes used to raid top-tier targets and stash info in Kim Dotcom s old cloud file locker Share
Copy
Microsoft says Beijing-backed hackers are exploiting four zero-day vulnerabilities in Exchange Server to steal data from US-based defense contractors, law firms, and infectious disease researchers.
The Windows giant today issued patches for Exchange to close up the bugs, and recommended their immediate application by all. On-prem and hosted Exchange, from version 2013 to 2019, are vulnerable and need fixing up.
Microsoft’s corporate veep for customer security and trust Tom Burt named the miscreants “Hafnium,” said they operate in China though use US-based servers, and classified the cyber-spy team as “a highly skilled and sophisticated actor” that s nation-state sponsored.