Chinese hackers infiltrated Belgian government network via Microsoft Exchange exploit
Wednesday, May 26, 2021
While the attacker's access to the FPS computer network has been stopped and all important information has been secured, it is pertinent to note that the intrusion went undetected for nearly two years. During this time, it is possible that hackers behind the intrusion exfiltrated vast amounts of data back to their own servers, even though confirmation of the exfiltration is yet to arrive. The discovery also confirms that vulnerabilities in the Microsoft Exchange system were known to hackers long before Microsoft discovered the flaws.
“Comments from Microsoft indirectly suggest that the victim was aware of the critical 0day vulnerabilities in MS Exchange Server much earlier than in March 2021 when they were publicly disclosed by Microsoft. Such a protracted reaction and catastrophic consequences may trigger severe legal ramifications for the tech giant and negatively impact its business in a long-term perspective,” says Ilia Kolochenko, founder of ImmuniWeb. Read Full Article
CPO Magazine: Ransomware Attack Hits Insurance Giant AXA One Week After It Changes Cyber Insurance Policies in France
Dark Reading: Cyber Insurance Firms Start Tapping Out as Ransomware Continues to Rise