Microsoft warns China, Iran, North Korea and Turkey are exploiting recently revealed software

Author : fannimobile
Publish Date : 2021-12-15 00:00:00


Microsoft warns China, Iran, North Korea and Turkey are exploiting recently revealed software

Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.

ONLINE

ONLINE

ONLINE

ONLINE

ONLINE

The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.

The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.

"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."

Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.

The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.

The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.

"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."
Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.

The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.

The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.

"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."



Category :news

Covid: US joins EU in restricting flights from southern Africa over new coronavirus variant

Covid: US joins EU in restricting flights from southern Africa over new coronavirus variant

- The US will restrict travel from South Africa and seven other southern African countries to try to contain a new coronavirus varian


Amid Djokovic backlash, Australia grapples with omicron wave

Amid Djokovic backlash, Australia grapples with omicron wave

- Like millions of others in the most locked-down place on the planet, Melbourne resident Rav Thomas dutifully spent 262 days confined to his home as the COVID-19


Russia rejects UK claim of trying to replace Ukraine leader

Russia rejects UK claim of trying to replace Ukraine leader

- Russia’s Foreign Ministry on Sunday rejected a British claim that Russia was seeking to replace Ukraine’s government with a pro-Moscow administration


The James Webb Space Telescope has successfully launched

The James Webb Space Telescope has successfully launched

- Its a moment that has been decades in the making. The James Webb Space Telescope, NASAs premier space observatory of the next decade



Category