Microsoft software flaw exploited by at least 10 hacking groups

Must Read
Sienna Rowley
Sienna Rowley
Sienna is an editor at Cloud Host News. She is an internet enthusiast, always eager to explore the latest trend in the tech space. She is a modest family woman who loves traveling in her free time.

Microsoft software flaw is being exploited by at least 10 hacking groups, to break in to targets across the globe.

On Wednesday, a cybersecurity company ESET in a blog said that at the minimum 10 distinct hacking groups are exploiting the recently discovered vulnerabilities in Microsoft Corp’s mail server software to break into targets around the world.

The security loopholes in the popular mail and calendaring solution will let threat actors steal emails virtually from vulnerable servers or move elsewhere in the network.

A myriad of organizations has been already compromised by exploiting Microsoft server software flaws, and several others are targeted every day.

For instance, Norway’s parliament declared data had been extracted in a breach linked to the Microsoft flaws. In another incident, Germany’s cybersecurity watchdog agency also said two federal authorities have been affected by the hack.

Though Microsoft has published a bug patch for this flaw the patches don’t eliminate any backdoor access that has been left out on the compromised systems.

Additionally, some of the back doors left on compromised systems have credentials that can be easily guessed so that the newcomers can take control of the compromised system.

ESET reported there were already indications of cybercriminal exploitation, with one group that has expertise in stealing computer resources to mine cryptocurrency crashing into priorly unprotected Exchange servers to distribute its malicious software.

Matthieu Faou, an ESET researcher in an email stated that it was unusual for several distinct cyberespionage groups to have access to the same information before it is made public. He thinks that either the information somehow leaked before Microsoft’s announcement or it was discovered by a third party that provides vulnerability information to cyberspies.

Are you looking for more security updates? Subscribe to our newsletter for the latest security news right from the security and research industries. 

Additionally, you can find latest Web Hosting News here!

- Advertisement -spot_img
Latest News

SparkyLinux 6.6 Now Available to Download

Debian-based GNU/Linux distro, SparkyLinux has got a new update Sparky 6.6 named as Po Tolo. Based on Debian 11, Sparky...
- Advertisement -spot_img

More Articles Like This