In yet another big cyber-attack after SolarWinds, at least 30,000 organisations across the US, including government and commercial firms, have been hacked by China-based threat actors who used Microsoft's Exchange Server software to enter their networks.
According to KrebsOnSecurity, the China-based espionage group exploited four vulnerabilities in Microsoft Exchange Server email software.
The vulnerabilities allowed hackers to gain access to email accounts, and also gave them the ability to install malware, according to Microsoft which reported about the China-based threat actors but did not reveal the scale at which tens of thousands of organisations have been hit.
Two cybersecurity experts who have briefed US national security advisors on the attack told KrebsOnSecurity the Chinese hacking group seized control over "hundreds of thousands" of Microsoft Exchange Servers worldwide.
Exchange Server is primarily used by business customers.
Microsoft has released several security updates to fix the vulnerabilities, advising its customers to install those immediately.
Earlier this week, Microsoft warned its customers against a new sophisticated nation-state cyber-attack that has its origin in China and is primarily targeting on-premises 'Exchange Server' software of the tech giant.
Called "Hafnium," it operates from China and is attacking infectious disease researchers, law firms, higher education institutions, defence contractors, policy think tanks and NGOs in the US for the purpose of exfiltrating information.
"While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the US," said Tom Burt, Corporate Vice President, Customer Security and Trust at Microsoft.
This was the eighth time in the past 12 months that Microsoft has publicly disclosed nation-state groups targeting institutions critical to civil society.
Nine federal agencies and about 100 private sector companies were compromised as a result of an earlier SolarWinds hack, the White House had said.
In a widespread cyber-attack on US federal agencies and enterprises via SolarWinds software, hackers also broke into the networks of NASA and the Federal Aviation Administration (FAA).
The Joe Biden administration was preparing sanctions against Russia as the cybercriminals are "likely Russian in origin".
Drugs valued at Rs 105 crore seized in Assam; 3 arrested
The Assam Police have seized drugs valued at Rs 105 crore along the inter-state border with Mizoram in Cachar district, an official said on Sunday, adding three persons were also arrested in this connection.
Human trafficking suspect wanted by NIA arrested in Tripura
The Tripura Police on Sunday arrested a human trafficking suspect who was on the 'wanted list' of the National Investigation Agency (NIA), an official said.
PM Modi 'deeply concerned' at Iran President's helicopter incidentv
Prime Minister Narendra Modi on Sunday expressed his "deep concern" at Iranian President Ebrahim Raisi's helicopter going missing after making a "hard landing" and prayed for his well-being.
PM Modi says 'this is Bharat's moment'; urges youth to 'dream big'
Prime Minister Narendra Modi, outlining the importance of ‘thinking big and thinking ahead of time’, on Sunday said that this is Bharat’s moment and we must not lose it.
Indian stock markets will break all records on June 4: PM Modi
Once the Lok Sabha election results are declared on June 4, the Indian stock markets will break all previous records, Prime Minister Narendra Modi said on Sunday.
AAP on streets to save accused, says Swati Maliwal
AAP Rajya Sabha member Swati Maliwal on Sunday while reflecting on the past 12 years since the horrific Nirbhaya case, said that 'they are now out on the streets to save the accused who made the CCTV footage disappear and formatted the phone'.
Captain Gopichand, five others set to fly to edge of space aboard Blue Origin mission
Captain Gopichand Thotakura, along with five others, is set to fly to the edge of space on Blue Origin's crewed flight mission on Sunday evening.
Air India Express flight's engine catches fire, makes emergency landing
The Air India Express flight from Bengaluru to Kochi had to make a full-scale emergency landing at Bangalore International Airport Limited (BIAL) due to a fire in one of its engines.