Chinese hackers have taken advantage of four Microsoft Exchange Server vulnerabilities to steal emails from at least 30,000 organizations across the Uni.
Chinese hackers have taken advantage of four Microsoft Exchange Server vulnerabilities to steal emails from at least 30,000 organizations across the United States, KrebsOnSecurity reported.
March 5, 2021
At least 30,000 organizations across the United States including a significant number of small businesses, towns, cities and local governments have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage group is exploiting four newly-discovered flaws in
Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems.
On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange.