Home Technology Microsoft Defends Against New Threat to Exchange Mail Servers

Microsoft Defends Against New Threat to Exchange Mail Servers


Microsoft on Tuesday moved to defend against a dangerous new threat to Exchange email servers while the fight continued against hackers taking advantage of a flaw patched last month.

The US Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security, called on government departments to immediately install the latest software update released by Microsoft.

“These vulnerabilities pose an unacceptable risk to the Federal enterprise and require an immediate and emergency action,” CISA said in a notice.

“This determination is based on the likelihood of the vulnerabilities being weaponised, combined with the widespread use of the affected software across the Executive Branch and high potential for a compromise of integrity and confidentiality of agency information.”

Both CISA and Microsoft said it did not appear that hackers had taken advantage of the newly discovered weakness to break into Exchange email systems.

“Although we are not aware of any active exploits in the wild, our recommendation is to install these updates immediately to protect your environment,” Microsoft said in a post about the patch.

CISA and Microsoft said that the vulnerabilities were different from those fixed last month, when the US tech company disclosed that a state-sponsored hacking group operating out of China was exploiting security flaws in its Exchange email services to steal data from business users.

The company said the hacking group, which it has named “Hafnium,” is a “highly skilled and sophisticated actor.”

Hafnium has in the past targeted US-based companies including infectious disease researchers, law firms, universities, defense contractors, think tanks and NGOs.

The potentially devastating hack is believed to have affected at least 30,000 Microsoft email servers in government and private networks and has prompted calls for a firm response to state-sponsored attacks which could involve “hacking back” or other measures.

Microsoft in March released updates to fix the security flaws, which apply to on-premises versions of the software rather than cloud-based versions, and urged customers to apply them.

US Justice Department officials on Tuesday announced that, with backing from a court, they purged “malicious web shells” hackers had planted in hundreds of computers running Exchange Server software.

Web shells are bits of computer code that allow hackers to reach into computers remotely, and had been planted early this year by taking advantage of a weakness in Exchange, according to a Justice Department release.

“Today’s operation removed one early hacking group’s remaining web shells, which could have been used to maintain and escalate persistent, unauthorized access to US networks,” Justice Department officials said.


Why did LG give up on its smartphone business? We discussed this on Orbital, the Gadgets 360 podcast. Later (starting at 22:00), we talk about the new co-op RPG shooter Outriders. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.



Source link

Vishal Kumarhttps://visionaryblogs.com/
Hi..I'm Vishal Kumar I am currently study MCA from IGNOU. Web Development and Designing is my passion and I believe in helping people with my abilities and knowledge. I am learning these things from last 8 years and it feels like learning is a part of my life. Now, which makes this experience even more interesting. Feel free to reach out to me at https://visionaryblogs.com/ Have a nice stay here!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

OLDER ARTICLE

Twitter Announces Super Follows Service to Charge Followers for Special Content in Revenue Push

Twitter said Thursday it plans to offer a subscription service in which users would pay for special content from high-profile accounts, part of...

Who Is Keeley Hazell? Learn More About The Model & Actress – Hollywood Life

Who is Keeley Hazell, you ask? Learn more about the famous British model-turned-actress who has been at the center of dating speculation with...

Twitter Locks China’s US Embassy Account Over Xinjiang Policy-Related Tweet

Twitter has locked the account of China's US embassy for a tweet that defended China's policies in the Xinjiang region, which the US...

Kangana Ranaut to play Prime Minister Indira Gandhi in political period drama  : Bollywood News

Kangana Ranaut will essay the role of former Prime Minister Indira Gandhi in an upcoming political drama. The actress said...

It’s a wrap! Sajid Nadiadwala’s Tadap starring Tara Sutaria and debutant Ahan Shetty concludes its final shoot : Bollywood News

Nadiadwala Grandson Entertainment's Tadap shoot has now concluded. The film went on floors recently starring the fresh pairing of Ahan Shetty...

Yoga Asanas to Make Healthy Life

Yoga Asanas to Understand the body or mind together work. Relaxation should be make healthy life and work more. Asana...