Microsoft exchange hack: Microsoft recently warned all its customers last week against a new sophisticated state state cyber attack. Whose origin is in China.
Microsoft exchange has mainly targeted the giant tech giant’s Exchange Server software. Let us tell you, this cyber attack has been done on a very large scale.
Through the Microsoft exchange hack, a particular organization such as research firm, LA firm, higher education institute, defense contractors, policy firm NGO has been targeted.
Microsoft has taken more than eight weeks to process the Red Flag raised by security organizations around the world.
It seems that this issue has become more serious than the report that came in the beginning.
In many reports, it has been found out that the Microsoft Exchange Mass Cyber attack has already affected thousands of small and medium businesses all over the world.
And that’s why millions of users all over the world have been affected by it. Microsoft’s corporate vice president Tom Burt said, “Hafnium is from China.
It operates primarily from virtual private servers based in the US.” This company has released security updates to protect all customers running Exchange Server.
All Exchange Server customers have been appealed to implement these updates immediately.
Let’s know what is Microsoft Exchange Mass Cyber Attack?
On March 2, Microsoft said that the Exchange server mail and calendar software of corporate and government data centers had a number of flaws.
In this company, patches have been issued for the 2010, 2013, 2016 and 2019 exchange versions.
Usually, Microsoft releases patches on the second Tuesday of every month, but then the news of an attack on the exchange software has already come out on Tuesday.
According to a report by the team of Bloomberg, it has claimed that more than 60000 organizations have so far emerged in the USA alone.
Security blogger Brian Krebs wrote in his blog that the Microsoft company has also picked up an unusual way of releasing patches for the 2010 version.
Even if the support for it ended in the month of October itself. Then it becomes very clear from this that Microsoft Exchange Server code has flaws in it for more than 10 years.
The hackers targeted a few Microsoft exchange hack at the beginning of February, then after that they detected software with many flaws.
Are people taking advantage of this flaw?
Yes, the Microsoft company said that the main group exploiting the flaws is a group of nation-states based in China, which they call a Hofnium.
Let us know when the attacks started on this –
According to security company volexity, attacks on Microsoft exchange hack software started in early January. Volatility has also been credited with identifying Microsoft on certain issues.
Microsoft Threat Intelligence Center has discovered that hafnium steals passwords before accessing any Exchange server.
Secondly it creates a web shell from which the server can be remotely controlled. The third one uses remote access that runs on a US-based private server.
For your information, let us know that this is the eighth time in the last 12 months. When Microsoft has uncovered nation test groups publicly targeting institutions important to civil society.