Chinese State-Sponsored Hacking Group Used Four Zero-Days to Hack Exchange Servers
Google fixes 47 Chrome flaws, 1.7M Oxfam Australia user records exposed in breach, Malaysia Airlines frequent flyer program hacked over a nine-year period, Dairy giant Lactalis breached, more
Microsoft said that it had detected a “highly-skilled and sophisticated” Chinese state-sponsored hacking group known as Hafnium targeting U.S. organizations to steal data. The hackers used four zero-day vulnerabilities chained together to gain access to Microsoft Exchange servers, steal email, and plant further malware for increased access to the network.
For these attacks to work, Hafnium needs access to an on-premises Microsoft Exchange server on port 443. The group's main targets include infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs. Microsoft has released emergency out-of-band security updates for all supported Microsoft Exchange versions. (Lawrence Abrams / Bleeping Compu…