Posted on 03/02/2021 3:47:35 PM PST by bitt
Microsoft late Tuesday raised the alarm after discovering Chinese cyber-espionage operators chaining multiple zero-day exploits to siphon e-mail data from corporate Microsoft Exchange servers.
Redmond's warning includes the release of emergency out-of-band patches for four distinct zero-day vulnerabilities that formed part of the threat actor's arsenal.
Microsoft pinned the blame on a sophisticated Chinese APT operator called HAFNIUM that operates from leased VPS (virtual private servers) in the United States.
HAFNIUM primarily targets entities in the U.S. across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.
The company said its analysts assess with high confidence that HAFNIUM is state-sponsored and operating out of China, based on observed victimology, tactics and procedures.
In all, Microsoft said the attacker chained four zero-days into a malware cocktail targeting its Exchange Server (Outlook Web App) product. The vulnerabilities exposed Microsoft's customers to remote code execution attacks, without requiring authentication.
"In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments," Microsoft said.
(Excerpt) Read more at securityweek.com ...
Stupid Microsoft. Don’t they know you can’t blame the ChiComs for anything anymore? That door closed on January 20, 2021.
QUARTERNIUM targets the financial sector, utilities, and Hollywood.
EIGHTHNIUM targets transportation, large industrial firms, and the petroleum industry.
TENTHNIUM targets every other firm in the USA.

Thanks to bitt for the ping!
Where in Heck is the Vaccine for this Chinese problem!!!!!
Hey Bill!!!!
Solve something real.
Oh, if you want to. Maybe you like China.
You have to wonder how many zero days the Chinese have in their arsenal.
Apparently, that policy is not polling well.
CNBC had a pro-Biden business article up this morning claiming that Biden is aggressively standing up to and blocking unfair Chinese trade practices.
Practically ALL electronics and too much of everything else is made in China.
Of course the Communists never thought of copying every chip and program with the intent of adding backdoors!!!!!
So they don’t know how many bugs have been left on all those networks.
“Because it comes from Chy-Na!”
If we know HAFNIUM operates remotely thru US leased servers, where’s the FBI already?
I read that Stuxnet had something like three or four zero-day exploits in it. This is how the big boys play.
And it never occurred to the free traitors that the communists would do that.
Many companies use a suicide-pact combo of W10 PCs, MS Office 365, MS OneDrive (cloud) and MS Teams. Their MS-certified IT minions push them into it.
Unbelievably stupid to put all your company’s data in one basket, to me.
IT — They used to be called File Clerks, that pushed file carts, dropped and picked up folders and kept the file cabinet room secure.
Now, IT people think businesses exist to employ them richly, and that THEY direct the business. Next to them are HR people.
And then, there’s coders, who think we love to do things their way, love to fix what isn’t broken over and over and over, love censorship, and think we just can’t live without their apps.
/-rant
Why is Microsoft allowing the attack?
They and ISPs around the country could block the IP addresses like “big tech” blocked Parler and various people they do not like.
Funny. At every Black Hat conference I’ve attended, Linux was the first OS to go down. But you know, it’s stylish to shit on Microsoft. $1B+ annual commit to security and consistently top-right quadrant in Gartner for security, but yeah, Microsoft’s just doling out viruses like it’s Christmas.