admin
Pinned December 2, 2021

FBI email servers were hacked to target a security researcher

Microsoft email server flaws exploited to hack at least 30,000 US organizations

A Chinese state-sponsored group reportedly hacked hundreds of thousands of victims worldwide.

Mariella Moon
March 6th, 2021

The emergency security patch Microsoft rolled out a few days ago to fix four zero-day flaws in Exchange Server didn’t deter the hacking group that’s been exploiting them. In fact, according to Krebs on Security and Wired, the Chinese state-sponsored group dubbed Hafnium ramped up and automated its campaign after the patch was released. In the US, the group infiltrated at least 30,000 organizations using Exchange to process email, including police departments, hospitals, local governments, banks, credit unions, non-profits and telecommunications providers. Worldwide, the number of victims is reportedly in the hundreds of thousands.

“Just about everyone who’s running self-hosted Outlook Web Access and wasn’t patched as of a few days ago got hit with a zero-day attack,” a source told Krebs. A former national security official Wired talked to said thousands of servers are getting compromised per hour around the world. When Microsoft announced its emergency patch, it credited security firm Volexity for notifying it about Hafnium’s activities. Volexity president Steven Adair now said that even organizations that patched their servers on the day Microsoft’s security update was released may have still been compromised. 

Further, the patch will only fix the Exchange Server vulnerabilities — those already compromised will still have to remove the backdoor the group planted in their systems. Hafnium is exploiting the flaws to plant “web shells” in their victims’ servers, giving them administrative access that they can use to steal information. According to Krebs, Adair and other security experts are worried about the possibility of the intruders installing additional backdoors as the victims work to remove the ones already in place. 

Microsoft clarified from the start that these exploits have nothing to do with SolarWinds. That said, Hafnium’s activities may dwarf the SolarWinds attacks when it comes to the number of victims. Authorities believe around 18,000 entities were affected by the SolarWinds breach, since that was the number of customers that downloaded the software’s malicious update. As Wired notes, though, Hafnium’s activities focus on small and medium organizations, whereas the SolarWinds hackers infiltrated tech giants and large US government agencies.

When asked about the situation, Microsoft told Krebs that it’s working closely with the US Cybersecurity & Infrastructure Security Agency, along with other government agencies and security companies, to provide its customers “additional investigation and mitigation guidance.”

 

Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics   
