TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentralTechCentral
    NEWSLETTER
    • News

      Willington Ngwepe to step down as Icasa CEO

      10 August 2022

      Samsung unveils its latest foldable smartphones

      10 August 2022

      Cape Town’s DataProphet expands funding to R165-million

      10 August 2022

      The tech proves it: South African women are better drivers than men

      10 August 2022

      BT, Seacom sign ‘strategic alliance’ for enterprise services

      10 August 2022
    • World

      Jumia says it’s past peak losses, shares jump

      10 August 2022

      Elon Musk sells $6.9-billion of Tesla to avoid Twitter fire sale

      10 August 2022

      Nvidia issues profit warning on slump in demand for graphics cards

      8 August 2022

      Buterin: Mining on Ethereum Classic won’t affect Merge

      8 August 2022

      Musk challenges Twitter CEO to a public debate

      7 August 2022
    • In-depth

      The length of Earth’s days has been increasing – and no one knows why

      7 August 2022

      As Facebook fades, the Mad Men of advertising stage a comeback

      2 August 2022

      Crypto breaks the rules. That’s the point

      27 July 2022

      E-mail scams are getting chillingly personal

      17 July 2022

      Webb telescope’s stunning images of the cosmos

      12 July 2022
    • Podcasts

      e4’s Adri Führi on encouraging more women into tech careers

      10 August 2022

      How South Africa can woo more women into tech

      4 August 2022

      Book and check-in via WhatsApp? FlySafair is on it

      28 July 2022

      Interview: Why Dell’s next-gen PowerEdge servers change the game

      28 July 2022

      Demystifying the complexity of AI – fact vs fiction

      6 July 2022
    • Opinion

      SIU seeks to set aside R215-million IT tender

      19 July 2022

      No reason South Africa should have a shortage of electricity: Ramaphosa

      11 July 2022

      Ntshavheni’s bias against the private sector

      8 July 2022

      South Africa can no longer rely on Eskom alone

      4 July 2022

      Has South Africa’s advertising industry lost its way?

      21 June 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»Sections»Information security»Microsoft says Chinese hackers targeted groups via Exchange

    Microsoft says Chinese hackers targeted groups via Exchange

    Information security By Agency Staff3 March 2021
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    A China-linked cyberespionage group has been remotely plundering e-mail inboxes using freshly discovered flaws in Microsoft mail server software, the company and outside researchers said on Tuesday — an example of how commonly used programs can be exploited to cast a wide net online.

    In a blog post, Microsoft said the hacking campaign made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it dubs Hafnium, which it described as a state-sponsored entity operating out of China.

    In a separate blog post, cybersecurity firm Volexity said that in January it had seen the hackers use one of the vulnerabilities to remotely steal “the full contents of several user mailboxes”. All they needed to know were the details of Exchange server and of the account they wanted to pillage its e-mails, Volexity said.

    Ahead of the Microsoft announcement, the hackers’ increasingly aggressive moves began to attract attention from across the cybersecurity community

    The Chinese embassy in Washington did not immediately return messages seeking comment. Beijing routinely denies carrying out cyberespionage despite a drumbeat of allegations from the US and others.

    Ahead of the Microsoft announcement, the hackers’ increasingly aggressive moves began to attract attention from across the cybersecurity community.

    Mike McLellan, director of intelligence for Dell Technologies’ Secureworks, said ahead of the Microsoft announcement that he had noticed a sudden spike in activity touching Exchange servers overnight on Sunday, with around 10 customers affected at his firm.

    Under scrutiny

    Microsoft’s near-ubiquitous suite of products has been under scrutiny since the hack of SolarWinds, the Texas-based software firm that served as a springboard for several intrusions across government and the private sector. In other cases, hackers took advantage of the way customers had set up their Microsoft services to compromise their targets or dive further into affected networks.

    Hackers who went after SolarWinds also breached Microsoft itself, accessing and downloading source code — including elements of Exchange, the company’s e-mail and calendaring product.

    McLellan said that for now, the hacking activity he had seen appeared focused on seeding malicious software and setting the stage for a potentially deeper intrusion rather than aggressively moving into networks right away.

    “We haven’t seen any follow-on activity yet,” he said. “We’re going to find a lot of companies affected but a smaller number of companies actually exploited.”

    Microsoft said targets included infectious disease researchers, law firms, higher education institutions, defence contractors, policy think-tanks, and non-governmental groups.  — Reported by Raphael Satter and Christopher Bing, (c) 2021 Reuters

    Microsoft top Volexity
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleInternet shutdowns plunge millions into ‘digital darkness’
    Next Article Public servants demand double-inflation wage hike

    Related Posts

    Willington Ngwepe to step down as Icasa CEO

    10 August 2022

    Samsung unveils its latest foldable smartphones

    10 August 2022

    Cape Town’s DataProphet expands funding to R165-million

    10 August 2022
    Add A Comment

    Comments are closed.

    Promoted

    How secure is your cloud?

    10 August 2022

    5 ways to make attack-path management more manageable

    10 August 2022

    Smart homes need even smarter Wi-Fi

    10 August 2022
    Opinion

    SIU seeks to set aside R215-million IT tender

    19 July 2022

    No reason South Africa should have a shortage of electricity: Ramaphosa

    11 July 2022

    Ntshavheni’s bias against the private sector

    8 July 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.