Multiple vulnerabilities in Microsoft Exchange systems could be exploited by Chinese hackers to extract data. Microsoft says a Chinese state-backed hacker group called Hafnium is behind the attack. The group’s name has been raised in several previous serious security incidents
Since January, epidemiologists, law firms, higher education institutions, defense suppliers, civil society and government organizations have been actively and actively harassed through a serious vulnerability. mail servers. Vulnerable server detection and hacking was automated, affecting more than 30,000 companies globally.
Vulnerability in Exchange Server 2013, 2016, and 2019 CVE-2021-26855, CVE-2021-26857, CVE-2021 is also known to circumvent authentication and logon. -26858 and CVE-2021-27065 fix packs. If you have an eight-character ASPX file in the C: \ inetpub wwwroot aspnet_client system_web folder, you should take immediate action.
Security experts say that
Microsoft has issued an emergency warning to the US government. This sounds bad because, as it turns out, cyber security items have been left out of several of the Pentagon’s arms contracts.
U.S. state security expert Jake Sullivan says every country should control its systems, especially in the defense sector. Not only US organizations are affected, but also the Czech Republic, South-East and Central Asia
Although the giant attack through the supply chain SolarWinds is followed by another scandal, Microsoft says that these vulnerabilities are not have to do with SolarWinds attacks.
We are closely tracking Microsoft’s emergency patch for previously unknown vulnerabilities in Exchange Server software and reports of potential compromises of US think tanks and defense industrial base entities. We encourage network owners to patch ASAP: https://t.co/Q2K4DYWQud
— Jake Sullivan (@ JakeSullivan46) March 5, 2021
Hardware, software, tests, curiosities and colorful news from the IT world by clicking here