The Topic view for WPID=56248 simulated rendering in new page.

Visual layout may differ depending on browser and as rendered by Older view in Website

At Least 30

ItemDate=2021-05-03 00:08:00 Status=publish

TopicTaglist=['H11', 'S12']

#Discussion(Security) [ via IoTGroup ]

The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total remote control over affected systems. Speaking on condition of anonymity two cybersecurity experts who’ve briefed U.S. national security advisors on the attack told KrebsOnSecurity the Chinese hacking group thought to be responsible has seized control over “hundreds of thousands” of Microsoft Exchange Servers worldwide — with each victim system representing approximately one organization that uses Exchange to process email. Microsoft said the Exchange flaws are being targeted by a previously unidentified Chinese hacking crew it dubbed “Hafnium ” and said the group had been conducting targeted attacks on email systems used by a range of industry sectors including infectious disease researchers law firms higher education institutions defense contractors policy think tanks and NGOs.

But Adair said that over the past few days the hacking group has shifted into high gear moving quickly to scan the Internet for Exchange servers that weren’t yet protected by the security updates Microsoft released Tuesday. “We’ve worked on dozens of cases so far here web shells were put on the victim system back on Feb. 28 [before Microsoft announced its patches] all the way up to today ” Adair said.

White House press secretary told reporters today the vulnerabilities found in Microsoft’s widely used Exchange servers were “significant ” and “could have far-reaching impacts.” When it released patches for the four Exchange Server flaws on Tuesday Microsoft emphasized that the vulnerability did not affect customers running its Exchange Online service (Microsoft’s cloud-hosted email for businesses). But sources say the vast majority of the organizations victimized so far are running some form of Internet-facing Microsoft Outlook Web Access (OWA) email systems in

Read More.. AutoTextExtraction by Working BoT using SmartNews 1.03976805238 Build 04 April 2020

Footer info Your browser may cache and not show current data. On windows use CNTRL+F5 key and on Mac Shift+Refresh(browser). See more details. You may need to rotate small screen phones to landscape mode for using some menu or some views.You may contact us here if needed.