Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Microsoft has released emergency patches for four previously unknown vulnerabilities in Exchange Server that a cyberespionage group was exploiting to break into organizations. The flaws allow the extraction of mailbox contents and the installation of backdoors on vulnerable servers.

Microsoft attributes the attacks to a Chinese APT group dubbed Hafnium that has a history of exploiting vulnerabilities in internet-facing servers and targeting Office 365 users. The group has targeted entities in the US including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.

To read this article in full, please click here

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

four × two =

This site uses Akismet to reduce spam. Learn how your comment data is processed.