Rantburg

2021-03-07 Cyber
30,000 US organizations said hacked in Chinese cyber-espionage attack
[IsraelTimes] White House says spree is an ’active threat’; hackers exploit flaws in Microsoft Exchange, stealing email and infecting servers to let them take control remotely.

At least 30,000 US organizations including local governments have been hacked in recent days by an "unusually aggressive" Chinese cyber-espionage campaign, according to a computer security specialist.

The campaign has exploited recently discovered flaws in Microsoft Exchange software, stealing email and infecting computer servers with tools that let attackers take control remotely, Brian Krebs said in a post at his cyber security news website.

"This is an active threat," White House spokeswoman Jennifer Psaki said when asked about the situation during a press briefing.

"Everyone running these servers needs to act now to patch them. We are concerned that there are a large number of victims," she added.

After Microsoft released patches for the vulnerabilities on Tuesday, attacks "dramatically stepped up" on servers not yet updated with security fixes, said Krebs, who cited unnamed sources familiar with the situation.

"At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations," Krebs wrote in the post.

He reported that insiders said hackers have "seized control" of thousands of computer systems around the world using password-protected software tools slipped into systems.

Microsoft said early this week that a state-sponsored hacking group operating out of China is exploiting previously unknown security flaws in its Exchange email services to steal data from business users.

The company said the hacking group, which it has named "Hafnium," is a "highly skilled and sophisticated actor."

Hafnium has in the past targeted US-based companies including infectious disease researchers, law firms, universities, defense contractors, think tanks, and NGOs.

In a blog post on Tuesday, Microsoft executive Tom Burt said the company had released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.

"We know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems," he added at the time.

Microsoft said the group was based in China but operated through leased virtual private servers in the United States, and that it had briefed the US government.

Beijing has previously hit back at US accusations of state-sponsored cyber theft. Last year it accused Washington of smears following allegations that Chinese hackers were attempting to steal coronavirus (aka COVID19 or Chinese Plague) ...the twenty first century equivalent of bubonic plague, only instead of killing off a third of the population of Europe it kills 3.4 percent of those who notice they have it. It seems to be fond of the elderly, especially Iranian politicians and holy men... research.

In January, US intelligence and law enforcement agencies said Russia was probably behind the massive SolarWinds hack that shook the government and corporate security, contradicting then-president Donald Trump ...Oh, noze! Not him!..., who had suggested China could be to blame.

Microsoft said Tuesday the Hafnium attacks "were in no way connected to the separate SolarWinds-related attacks."
Posted by trailing wife 2021-03-07 00:00
 File under: Commies 

#1 Meanwhile, the NSA, CIA and FBI were occupied trying to frame "right wing" groups for a rebellion that was fiction, throw an election, and run Trump out of office.

These 3 agencies need to be disbanded and rebuilt from the ground up.
Posted by These Forkbeard7574 2021-03-07 02:43

#2 ^agree
Posted by 746 2021-03-07 10:57

#3 Hence the emails from United and American Airlines telling me to change my passwords....
Posted by Bangkok Billy 2021-03-07 13:33

#4 I’ve gotten the same message from a bunch of organizations in recent days. The problem is that phishing emails say the same thing.
Posted by trailing wife 2021-03-07 14:31

#5 Agree with #1. Raze them and start over.
Posted by Ulomoth Flinert1217 2021-03-07 16:35
