30,000 U.S. organisations’ emails from hacked through Microsoft Exchange

Spread the love

 318 views


Hackers have been targeting bugs in Exchange Server since early January.

 

Four exploits in Microsoft Exchange Server applications have resulted in about 30,000 U.S. government and private agencies – including police forces, universities, and non-profit organisations – getting their emails compromised. Microsoft put out a patch to repair four zero-day vulnerabilities in Exchange Server a couple of days ago, but it didn’t deter a hacking party from taking advantage of the situation.

According to Microsoft, flaws in Exchange Server was targeted by a previously unknown Chinese hacker community known as “Hafnium.” In the days after Microsoft released an Exchange fix, the community is said to have significantly doubled its activities, attacking unpatched servers around the globe, and breaching the accounts of some 30,000 U.S. organisations. State councils, banks and lending units, as well as police forces, hospitals and non-profits are said to be part of this.

Krebs on Security explains that, “In each incident, the intruders have left behind a ‘web shell,’ an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser. The web shell gives the attackers administrative access to the victim’s computer servers.”

RECOMMENDED READ:  Google's 'FLoC' API could be a privacy-preserving alternative to cookies

Although the attacks have escalated in recent days, the group has allegedly been taking advantage of vulnerabilities since the beginning of January. In reality, the first attacks were silently attacking users on January 6, 2021 – a day when all eyes were fixed on the U.S. Capitol.

Microsoft explains that self-hosted servers running Exchange Server 2013, 2016, or 2019 are at risk and should download its security patch as a matter of urgency. If your organization uses Exchange Online, it won’t be affected.

READ ALSO:
Taiwan says that its TSMC-led semiconductor industry has ample water until May

The nation has been facing the worst drought in 56 years Taiwan has eased concerns that global semiconductor shortages could Read more

Dell’s redesigned G15 gaming laptop packs with RTX 3000 graphics and a speckled paint job.

It will initially be sold in China, but Dell did not announce any pricing for any of the three models. Read more

NFTs,  new crypto craze explained

NFTs are authenticating the originality of digital products If you've been watching tech or financial news late, you may have Read more

Leave a Reply

Your email address will not be published. Required fields are marked *