A cyber espionage group linked to China has remotely looted e-mail inboxes using recently discovered flaws in Microsoft’s e-mail server software, the company and outside researchers said on Tuesday – an example of how commonly used programs can be exploited to cast a wide net online.
In a blog post, Microsoft said the hacking campaign made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it dubbed HAFNIUM, which it described as a state-sponsored entity operating out of China.
In a separate blog post, cybersecurity company Volexity said that in January it saw hackers use one of the vulnerabilities to remotely steal “the entire contents of multiple user mailboxes”. All they needed to know were the details of the Exchange server and of the account whose email they wanted to loot, Volexity said.
The Chinese embassy in Washington did not immediately return messages asking for comment. Beijing routinely denies cyber espionage, despite several accusations from the United States and other countries.
Before Microsoft’s announcement, hackers’ increasingly aggressive movements began to attract the attention of the entire cybersecurity community.
Mike McLellan, director of intelligence at Secureworks at Dell Technologies Inc, said ahead of the Microsoft announcement that he noticed a sudden spike in Exchange server activity during Sunday night, with about 10 affected customers at his company.
Microsoft’s nearly ubiquitous product suite has been under scrutiny since the hacking of SolarWinds, the Texas-based software company that served as a springboard for various government and private sector intrusions. In other cases, hackers have taken advantage of the way customers have configured their Microsoft services to compromise their targets or to dive further into the affected networks.
The hackers who went after SolarWinds also breached Microsoft itself, accessing and downloading source code – including elements of Exchange, the company’s email and calendar product.
McLellan said that, for now, the hacking activity he saw appeared to be focused on seeding malicious software and setting the stage for a potentially deeper intrusion, rather than aggressively moving into networks right away.
“We haven’t seen any subsequent activity yet,” he said. “We will find many companies affected, but fewer companies actually exploited.”
Microsoft said the targets include infectious disease researchers, law firms, higher education institutions, defense companies, policy think tanks and non-governmental groups.
(Reporting by Raphael Satter and Christopher Bing; Editing by Dan Grebler)