Microsoft is calling on all its customers to urgently install emergency patches to protect against a group of highly skilled cybercriminals who are actively exploiting four zero-day vulnerabilities in Exchange Server.
The software maker has stated that cybercriminals were working to hack into on-premises Exchange Server software that is fully patched. So far, Hafnium, as Microsoft calls this group of cybercriminals, is the only one to have exploited these vulnerabilities, but the company says this could change. Microsoft has not identified the possible targets, except that they are companies that use Exchange Server software. Hafnium primarily steals data from infectious disease researchers, law firms, institutions of higher education, defence companies, political research organisations and US-based non-governmental organisations.
"Microsoft's recent alert requires all companies using Exchange email servers to immediately update the patch. These new 7 vulnerabilities in one of Microsoft's most popular services have been exploited by what appears to be an advanced cybercriminal group for months. In Check Point's recent Security 2020 report we showed that 83% of all attack vectors were email-based, and some of the world's most significant cyberattacks occurred in environments like this: vulnerabilities are found in popular platforms, a patch is created but is not automatic, and in this interim period between a patch and an upload, cybercriminals attack," notes Lotem Finkelsteen, director of Threat Intelligence at Check Point. "Companies should update the patch immediately or use virtual patching technologies such as IPS to minimise these risks. It is important to note that this attack is relevant to all businesses using Outlook, but not to individuals/consumers. It is a server issue that the cyber attackers exploited," concludes Finkelsteen.
Microsoft is not aware that users have been targeted or that the exploits have affected other Microsoft products. Furthermore, they claim that the attacks are unrelated to the SolarWinds-related cyberattacks, which damaged at least nine US government agencies and a hundred private companies.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers its multilevel security architecture, Infinity Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network and mobile device held information. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes.