The Iranian hacking group using the vulnerability has a history of deploying ransomware
Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.
The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.
The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.
"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."
Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.
The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.
The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.
"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."
Hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit a critical flaw in software used by big tech firms around the world, Microsoft warned late Tuesday.
The activity from the foreign hacking groups includes experimentation with the vulnerability, integration into existing hacking tools and "exploitation against targets to achieve the actor's objectives," Microsoft said in a blog post. Microsoft did not say which organizations have been targeted by the hackers; a spokesperson could not be immediately reached for comment.
It's the latest fallout from the recently revealed software flaw, which the US Cybersecurity and Infrastructure Security Agency says could affect hundreds of millions of devices globally. CISA has ordered all federal civilian agencies to update their software in response to the threat.
The Iranian hacking group using the vulnerability has a history of deploying ransomware, according to Microsoft and other security firms. The Chinese group is the same one behind a hacking campaign against Microsoft Exchange email software earlier this year, which the White House condemned as reckless.
The flaw is in Java-based software known as "Log4j" that organizations around the world use to log information in their applications. The list of affected software providers reads like a who's who of tech giants, from Cisco to Amazon Web Services to IBM.
While US officials are on high alert over the software bug, Eric Goldstein, a senior CISA official, told reporters Tuesday evening that officials had no evidence that federal networks had been breached using the vulnerability.
Microsoft joined a chorus of other big cybersecurity firms in sounding the alarm that suspected foreign espionage groups were pouncing on the vulnerability.
"We have seen Chinese and Iranian state actors leveraging this vulnerability, and we anticipate other state actors are doing so as well, or preparing to," said John Hultquist, vice president of intelligence analysis at cybersecurity firm Mandiant. "We believe these actors will work quickly to create footholds in desirable networks for follow on activity which may last for some time."
House votes to censure and remove Gosar from committees over violent video targeting AOC and Biden
- House votes to censure and remove Gosar from committees over violent video targeting AOC and Biden
James Webb Space Telescope lifts off on historic mission
- The $10bn James Webb telescope has left Earth on its mission to show the first stars to light up the Universe.
Queen misses jubilee service with Harry and Meghan in attendance as Boris Johnson is booed
- Queen misses jubilee service with Harry and Meghan in attendance as Boris Johnson is booed
Covid: France to drastically restrict travel from UK
- France is tightening Covid restrictions for travellers arriving from the UK, as the government in Paris tries to slow the spread of the Omicron variant.