China-based government hackers have exploited a bug in Microsoft Corp’s e-mail server software to target US organizations, the company said on Tuesday.
Microsoft said that a “highly skilled and sophisticated” state-sponsored group operating from China has been trying to steal information from a number of targets in the US, including universities, defense contractors, law firms and infectious-disease researchers.
Microsoft has released security upgrades to fix the vulnerabilities to its Exchange Server software, which is used for work e-mail and calendar services, mostly for larger organizations that have their own in-person e-mail servers, the company said.
Photo: Swayne B. Hall, AP
It does not affect personal e-mail accounts or Microsoft’s cloud-based services, it added.
The hacking group it calls Hafnium was able to trick Exchange servers into allowing it to gain access, Microsoft said.
The hackers then masqueraded as someone who should have access and created a way to control the server remotely so that they could steal data from an organization’s network, it added.
Microsoft said that the group is based in China, but operates from leased virtual private servers in the US, which helps it avoid detection.
The company declined to name any specific targets or say how many organizations were affected.
Reston, Virginia-based cybersecurity company Volexity Government Solutions LLC, which Microsoft credits for helping to detect the intrusions, said that its network security monitoring service began investigating a suspiciously large data transfer in late January.
“They’re just downloading e-mail, literally going to town,” Volexity president Steven Adair said, adding that the targets included defense contractors, think tanks, non-governmental organizations, and international aid and development organizations.
Adair said that he is concerned that the hackers might accelerate their activity in the coming days before organizations are able to install Microsoft’s security upgrades.
“As bad as it is now, I think it’s about to get a lot worse,” he said. “This gives them a limited amount of opportunity to go and exploit something. The patch isn’t going to fix that if they left their backdoor behind.”
NEW IDENTITY: Known for its software, India has expanded into hardware, with its semiconductor industry growing from US$38bn in 2023 to US$45bn to US$50bn India on Saturday inaugurated its first semiconductor assembly and test facility, a milestone in the government’s push to reduce dependence on foreign chipmakers and stake a claim in a sector dominated by China. Indian Prime Minister Narendra Modi opened US firm Micron Technology Inc’s semiconductor assembly, test and packaging unit in his home state of Gujarat, hailing the “dawn of a new era” for India’s technology ambitions. “When young Indians look back in the future, they will see this decade as the turning point in our tech future,” Modi told the event, which was broadcast on his YouTube channel. The plant would convert
‘SEISMIC SHIFT’: The researcher forecast there would be about 1.1 billion mobile shipments this year, down from 1.26 billion the prior year and erasing years of gains The global smartphone market is expected to contract 12.9 percent this year due to the unprecedented memorychip shortage, marking “a crisis like no other,” researcher International Data Corp (IDC) said. The new forecast, a dramatic revision down from earlier estimates, gives the latest accounting of the ongoing memory crunch that is affecting every corner of the electronics industry. The demand for advanced memory to power artificial intelligence (AI) tasks has drained global supply until well into next year and jeopardizes the business model of many smartphone makers. IDC forecast about 1.1 billion mobile shipments this year, down from 1.26 billion the prior
People stand in a Pokemon store in Tokyo on Thursday. One of the world highest-grossing franchises is celebrated its 30th anniversary yesterday.
Zimbabwe’s ban on raw lithium exports is forcing Chinese miners to rethink their strategy, speeding up plans to process the metal locally instead of shipping it to China’s vast rechargeable battery industry. The country is Africa’s largest lithium producer and has one of the world’s largest reserves, according to the US Geological Survey (USGS). Zimbabwe already banned the export of lithium ore in 2022 and last year announced it would halt exports of lithium concentrates from January next year. However, on Wednesday it imposed the ban with immediate effect, leaving unclear what the lithium mining sector would do in the
RSS