Chinese State-Sponsored Hacking Group Used Four Zero-Days to Hack Exchange Servers

Google fixes 47 Chrome flaws, 1.7M Oxfam Australia user records exposed in breach, Malaysia Airlines frequent flyer program hacked over a nine-year period, Dairy giant Lactalis breached, more


Microsoft said that it had detected a “highly-skilled and sophisticated” Chinese state-sponsored hacking group known as Hafnium targeting U.S. organizations to steal data. The hackers used four zero-day vulnerabilities chained together to gain access to Microsoft Exchange servers, steal email, and plant further malware for increased access to the network.

Hafnium needs access to an on-premises Microsoft Exchange server on port 443 for these attacks to work. The sectors the group mostly targets include infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs. Microsoft has released emergency out-of-band security updates for all supported Microsoft Exchange versions. (Lawrence Abrams / Bleeping Computer)

Related: Microsoft on the Issues, Anomali Blog, SC Magazine, Rapid7, Dark Reading: Operations, Petri, gHacks, Microsoft Security Response Center, GeekWire Original, Microsoft, TechCrunch, The Hacker News, Rapid7, Redmond Magazine, Business Insider, TechNadu, WRAL Tech Wire, NDTV Gadgets360.com, ZDNet Security, Reddit - cybersecurity, Tenable Blog, Security Affairs, Infosecurity Magazine, TechDator, Inforisk Today, Govcert.uk.gov, ETTelecom.com, Gadgets Now, The Hill: Cybersecurity, Digital Journal, Business Standard, Deutsche Welle, CTVNews.ca, France24, SiliconANGLE, Asia One China, VentureBeat, Gizmodo, Associated Press Technology, The Register, CNN.com, Courthouse News Service, Tech Xplore, TechCentral, Forbes, Krebs on Security, The Record

Google rolled out 47 security fixes in its Windows, Linux, and Mac versions of Chrome, the most severe of which concerns an "object lifecycle issue in audio."

That flaw, which has been abused in the wild and is tracked as CVE-2021-21166, is one of the two security bugs reported last month by Alison Huffman of Microsoft Browser Vulnerability Research on February 11. (Ravie Lakshmanan / The Hacker News)

Related: Android Police, ZDNet Security, Techradar, HOTforSecurity, gHacks

The Oxfam Australia charity confirmed a data breach that exposed its supporters' personal data after Bleeping Computer reported that a threat actor was selling a stolen Oxfam Australia database containing 1.7 million user records. 

Oxfam said that although no passwords were compromised, the database accessed by the hackers included names, addresses, dates of birth, emails, phone numbers, gender, and in some cases, donation history. (Lawrence Abrams / Bleeping Computer)

Related: The Daily Swig, ZDNet Security, Verdict, TechDator

Malaysia Airlines said that its frequent flyer program Enrich had been hacked via one of its third-party IT service providers over a nine-year period from March 2010 to June 2019.

The frequent flyer member data stolen during the breach include the date of birth, gender, contact details, frequent flyer number, frequent flyer status, and frequent flyer tier level. The airline said it has no evidence the data was misused. (Shahrin Aizat Noorshahrizam / Malay Mail)

Related: Cybersecurity Insiders, Bleeping Computer, Global Security Magazine, ZDNet, DataBreaches.net

The world’s leading dairy group Lactalis disclosed a cyberattack after unknown threat actors breached some of the company's systems.

The France-based group said only a limited number of computers on its network were compromised during the attack, and it has taken all impacted systems offline. (Sergiu Gatlan / Bleeping Computer)

Related: Security Affairs, SecurityWeek


Microsoft announced that its Teams remote collaboration and conference tool will support end-to-end encryption for one-to-one Teams calls.

IT will have discretion over which users can use E2EE. E2EE for Teams 1:1 ad-hoc VoIP calls (as the feature is known officially) will be available in preview to commercial customers later in the first half of this calendar year. (Mary Jo Foley / ZDNet)

Related: Windows Central, Petri, MSPoweruser, 9to5Mac, Bleeping Computer, Pocketnow, Windows Central, GeekWire Original, Petri

Researchers at Cisco Talos say that the ObliqueRAT malware is now cloaking its payloads as seemingly innocent image files hidden on compromised websites.

The new tactic has helped ObliqueRAT operators avoid detection during the malware’s targeting of various organizations in South Asia where attackers tried to exfiltrate data from victims. (Lindsey O’Donnell / Threatpost)

Related: ZDNet Security, Talos Intel

Google is teaming with two insurance giants, Allianz and Munich Re, to cover cyber breaches and related risks for businesses that use its cloud services.

The two companies' initial targets are U.S.-based companies with annual revenue of between $500 million and $5 billion. (Tom Sims / Reuters)

Related: ZDNet Security, WSJ Pro - Cybersecurity - Home, Dark Reading, ETTelecom.com, Channel News Asia
