Government hacking groups infiltrate Microsoft Exchange servers
A number of government-sponsored hacking groups have exploited a vulnerability in the Microsoft Exchange mail server that Microsoft fixed last month. The exploitation was first observed by British cyber security company Volexity and was confirmed to ZDNet by a source from the Ministry of Defense.
Volexity declined to name the hacking groups that exploited the vulnerability (CVE-2020-0688) in Microsoft Exchange, while the source at the Ministry of Defense said the groups included all the major players and declined to name organizations or countries.
Microsoft released a fix for this bug on February 11 and warned system administrators to install it as soon as possible to prevent future attacks. The situation intensified at the end of the month, after the Zero Day Initiative, which reported the bug to Microsoft, published a report that technically explained the bug and how it works.
The report provided a road map for security researchers, who used the information in it to test their servers. As in many other cases, once the technical details became widely available, hackers began to pay attention.
On February 26, the day after the Zero Day Initiative report was issued, hacking groups began scanning the Internet for Microsoft Exchange servers to compile a list of unpatched servers that they could target later.
According to Volexity, the internet scanning for Microsoft Exchange servers has turned into attacks by APTs, or advanced persistent threats, a term often used to describe government-sponsored hacking groups, and other groups may follow suit.
Note that exploiting the vulnerability (CVE-2020-0688) in Microsoft Exchange is not easy, because hackers need credentials for an email account on the server: they must log in first and then run malware to compromise the mail server.