Security News > 2020 > January > UN Kept Hacker Attacks Under Wraps

The hacking incidents, which took place at three United Nations' offices in Vienna and Geneva sometime around July 2019, appear to have compromised at least 40 servers as well as several domains, according to the Wednesday New Humanitarian report, which is based on confidential UN report it obtained.
While some United Nations' officials knew about the hacking, most were kept in the dark for months until this week's news reports, the news agency says.
SharePoint vulnerability CVE-2019-0604 from a year ago has been used to hack the UN. Three different UN agencies got owned, about 20 domain admin accounts accessed and implants on 40 servers.
While UN officials have kept tight lipped about the incident, the hacks remain under investigation by UN investigators and IT personnel, according to news reports.
In addition to the compromised servers and domains, the attackers appear to have swiped the passwords and credentials of several high-ranking administrators, which could have allowed the hackers to gain access to some of the most sensitive data, The New Humanitarian reports.
News URL
https://www.inforisktoday.com/un-kept-hacker-attacks-under-wraps-a-13664
Related news
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Lazarus hackers breach six companies in watering hole attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-05 | CVE-2019-0604 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. | 9.8 |