Connect with us

News

Exploits In Microsoft Exchange Used To Breach Over 30,000 Organizations

Published

4 years ago

on

exploit in microsoft exchange used to breach over 30000 organizations

Over 30,000 entities, including local governments, small businesses, defense contractors, and education institutions, have been breached because of unpatched exploits in Microsoft Exchange, reported journalist and investigative reporter Brian Krebs on his blog, KrebsOnSecurity.

“In each incident, the intruders have left behind a ‘web shell,’ an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser. The web shell gives the attackers administrative access to the victim’s computer servers,” Krebs wrote.

According to Microsoft, the attack was orchestrated by notorious Chinese hacking group Hafnium, and they started on January 6th, the day when rioters stormed the United States Capitol in a violent attack against the 117th United States Congress.

Microsoft released emergency security updates to patch the vulnerabilities on March 2nd, which means that the attackers had nearly two months to infiltrate vulnerable systems. The tech giant has been working closely with the U.S. Cybersecurity & Infrastructure Security Agency (CISA), as well as other public and private organizations, to secure all unpatched servers running Exchange Server 2013, 2016, or 2019 (Exchange Online hasn’t been affected).

“The best protection is to apply updates as soon as possible across all impacted systems,” said Microsoft spokesperson in a written statement. “We continue to help customers by providing additional investigation and mitigation guidance. Impacted customers should contact our support teams for additional help and resources.”

Also Read: Dubai Police Use Futuristic Technology To Read Murder Suspect’s Mind

While most known victims of the attacks were located in the United States, breaches related to the Microsoft Exchange vulnerabilities were also detected on the other side of the Atlantic. For example, the Prague municipality and the Czech Ministry for Labor and Social Affairs were forced to shut down some of their systems and install emergency patches. No data was stolen during the attack, said Czech government officials.

Attacks like this one highlight the importance of timely patching and modern intrusion detection tools, which are able to detect unusual activity while it’s still time to act.

Related Topics:
Advertisement

📢 Get Exclusive Monthly Articles, Updates & Tech Tips Right In Your Inbox!

JOIN 17K+ SUBSCRIBERS

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

UAE Prepares To Launch Two Satellites: Thuraya-2 And MBZ-SAT

HH Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum chaired the first meeting of the Supreme Space Council yesterday.

Published

5 days ago

on

December 17, 2024

By

uae prepares to launch two satellites thuraya-2 and mbz-sat

HH Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum, Crown Prince of Dubai and Deputy Prime Minister of the UAE, chaired the first meeting of the Supreme Space Council in Dubai on December 16, 2024. The session highlighted the UAE’s ambitious space plans and took stock of the sector’s economic progress.

The council emphasized the growing role of private companies in advancing space technologies, noting that their contributions are now equal to that of the public sector. Members also praised initiatives like the Space Economic Zones Programme, which are designed to fuel innovation and investment in the space industry.

Discussing the UAE’s space journey, HH Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum remarked, “The national space sector continues to grow and advance, and we take immense pride in the remarkable achievements we have accomplished over the years”.

Sheikh Hamdan also received updates on two upcoming satellite projects: Thuraya-2 and MBZ-SAT. Thuraya-2, developed by Space42, is slated for launch this December. Meanwhile, the MBZ-SAT, created by the Mohammed Bin Rashid Space Centre (MBRSC), will soon follow. MBRSC, a major driver of the UAE National Space Programme, continues to lead the nation’s space-related developments.

Space42 took the opportunity to showcase its advancements, including ongoing collaborations between public and private entities. The company also outlined strategies to promote innovation, boost revenue streams, and create new opportunities for growth in the sector.

Also Read: IBM Opens New Doha Office To Support Qatar’s Digital Growth

The UAE’s current projects build on a growing legacy of space exploration. Back in 2020, the nation made headlines with its Mars mission, successfully sending a probe into the planet’s orbit in 2021. This mission, which is now in its second phase as of June 2024, has been collecting critical data to develop a comprehensive diurnal image of Mars.

The UAE also ventured into lunar exploration with an unmanned mission aimed at studying untouched regions of the Moon’s surface. While the probe ultimately crashed during its landing attempt after communication was lost seconds before touchdown, the effort represented a significant step in the country’s exploration ambitions.

Continue Reading

#Trending