Cyber Authority Copies Microsoft Vulnerability Warning
Israel’s Cyber Authority on Wednesday warned Microsoft email users to patch a vulnerability being exploited by a Chinese-sponsored outfit. The warning came less than a day after Microsoft informed its customers about the hacking danger.
Microsoft revealed late Tuesday that it had sustained a large-scale cyber attack.
The Israel National Cyber Directorate quoted Microsoft’s description of the vulnerabilities as “grave and easily exploitable.”
Microsoft urged users not to delay in updating Exchange Server to fix four vulnerabilities in the program.
Microsoft’s corporate vice president Tom Burt identified Hafnium as the group suspected of the hacking based on the methods employed.
Burt explained that Hafnium first “would gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access.”
Then Hafnium “would create what’s called a web shell to control the compromised server remotely,” and finally, it used “that remote access – run from the U.S.-based private servers – to steal data from an organization’s network.”
To Read The Full Story
Are you already a subscriber?
Click "Sign In" to log in!
Become a Web Subscriber
Click “Subscribe” below to begin the process of becoming a new subscriber.
Become a Print + Web Subscriber
Click “Subscribe” below to begin the process of becoming a new subscriber.
Renew Print + Web Subscription
Click “Renew Subscription” below to begin the process of renewing your subscription.
