Microsoft warns China, Iran, North Korea and Turkey are exploiting recently revealed software

Author : fannimobile
Publish Date : 2021-12-15


Microsoft warns China, Iran, North Korea and Turkey are exploiting recently revealed software

Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.

ONLINE

ONLINE

ONLINE

ONLINE

ONLINE

The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.

The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.

"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."

Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.

The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.

The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.

"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."
Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.

The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.

The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.

"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."



Category :news

Australian judge says Djokovic can stay but saga not over

Australian judge says Djokovic can stay but saga not over

- Novak Djokovic won a court battle Monday to stay in Australia to contest the Australian Open after his exemption from strict coronavirus vaccination


No peace in Myanmar 1 year after military takeover

No peace in Myanmar 1 year after military takeover

- The army takeover in Myanmar a year ago that ousted Aung San Suu Kyi not only unexpectedly aborted the country’s fledgling return to democracy


For victims, Syria torture trial is 1st step toward justice

For victims, Syria torture trial is 1st step toward justice

- Victims of torture in Syria and human rights activists say they hope the upcoming verdict in a landmark trial will be a first step toward justice


Covid Omicron: European nations reinstate restrictions

Covid Omicron: European nations reinstate restrictions

- European leaders are reinstating coronavirus restrictions as the new Omicron variant continues to spread across the continent.