Security News
Commentary: Enterprises try their best to secure their data, but running on-premises mail servers arguably doesn't do this. We can have a debate about how soon enterprises should embrace cloud.
According to Bloomberg, one of the hacking crew, Tillie Kottmann, claimed to have accessed cloud-based camera surveillance company Verkada and found themselves face-to-face with a huge swathe of internal data. This data apparently included real-time feeds from up to 150,000 surveillance cameras at Verkada customer sites, as well as other real-time information such as access control data from Verkada customers.
The potentially devastating hack of Microsoft email servers, the second major cyberattack in months, adds pressure to the Biden administration as it weighs options for "hacking back" or other moves to protect cyberspace. The latest hack exploiting flaws in Microsoft Exchange service is believed to have affected at least 30,000 US organizations including local governments and was attributed to an "unusually aggressive" Chinese cyberespionage campaign.
With regard to your question, I'm going to answer it in a bit more depth as there is a lot many really do not realise both from a defender's and attacker's point of view. The level of the attack signal rises and the level of the signals uncorrelated with the Zero Day attack go down do not remain covert long when you can "go back in time" repeatedly with "Collect it All" databases.
Cyber sleuths have already blamed China for a hack that exposed tens of thousands of servers running Microsoft's Exchange email program to potential hacks. The CEO of a prominent cybersecurity firm says it now seems clear China also unleashed an indiscriminate, automated second wave of hacking that opened the way for ransomware and other cyberattacks.
The US government might have subtly signalled that it likely won't hack Russia this month - by telling credulous journalists it has a "clandestine" plan to, er, launch an attack against its rival before April. Set against the backdrop of the SolarWinds and FireEye hack, and the most recent Hafnium attacks against Microsoft Exchange servers, it isn't hard to imagine presidential PR advisors wanting to give the impression that cyber warfare is their boss's top priority.
The European Banking Authority has confirmed it is another victim on the list of organisations affected by vulnerabilities in Microsoft Exchange. The EBA hurriedly pulled its email servers offline over the weekend as it realised that it was among the ranks of those hit by flaws in Microsoft Exchange being targeted by miscreants.
Victims of a massive global hack of Microsoft email server software - estimated in the tens of thousands by cybersecurity responders - hustled Monday to shore up infected systems and try to diminish chances that intruders might steal data or hobble their networks. While the hack doesn't pose the kind of national security threat as the more sophisticated SolarWinds campaign, which the Biden administration blames on Russian intelligence officers, it can be an existential threat for victims who didn't install the patch in time and now have hackers lingering in their systems.
A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group. The findings were also corroborated by cybersecurity firms Palo Alto Networks' Unit 42 threat intelligence team and GuidePoint Security, both of whom described Supernova as a .NET web shell implemented by modifying an "app_web_logoimagehandler.ashx.b6031896.dll" module of the SolarWinds Orion application.
Early last week, Microsoft revealed that a China-based group called Hafnium has been launching cyberattacks against organizations by exploiting four zero-day vulnerabilities in on-premises versions of its Exchange Server software. Calling this Microsoft Exchange/OWA hack a pretty elaborate attack, Michael Isbitski, Technical Evangelist at Salt Security, told TechRepublic that he suspects this will impact a lot of organizations still operating their own mail infrastructure rather than using a SaaS like Microsoft 365.