Microsoft took action on Tuesday to defend against new threats to Exchange e-mail servers, while the fight against hackers to exploit the vulnerabilities patched last month continues.
The US Cybersecurity and Infrastructure Security Agency under the US Department of Homeland Security called on government departments to immediately install the latest software updates released by Microsoft.
CISA said in the notice: “These vulnerabilities have brought unacceptable risks to federal companies, and urgent measures need to be taken immediately.”
“This decision is based on the possibility of the vulnerability being weaponized, coupled with the widespread use of the affected software in the executive branch, and the huge potential for compromising the integrity and confidentiality of agency information.”
Both CISA and Microsoft said that hackers did not seem to use the newly discovered vulnerabilities to break into the Exchange e-mail system.
Microsoft said in a post about the patch: “Although we are not aware of any active exploits, our recommendation is to install these updates immediately to protect your environment.”
CISA and Microsoft said that these vulnerabilities are different from the vulnerabilities that were fixed last month. Last month, the American technology company revealed that a state-sponsored hacker group operating outside of China was using security vulnerabilities in its Exchange email service to steal data from corporate users.
The company stated that the hacker group named “af” is a “skilled and experienced actor.”
f has targeted US companies in the past, including infectious disease researchers, law firms, universities, defense contractors, think tanks, and non-governmental organizations.
It is believed that potentially destructive hackers have affected at least 30,000 Microsoft email servers in government and private networks, and have prompted calls for a firm call for state-sponsored attacks that may involve “hacking” or other measures Response.
Microsoft released an update in March to fix security flaws that apply to the local version of the software instead of the cloud-based version, and urged customers to apply them.
U.S. Department of Justice officials announced on Tuesday that, with the support of the court, they removed the “malicious network shell” that hackers had planted on hundreds of computers with Exchange Server software.
According to data released by the Ministry of Justice, network shells are computer codes that enable hackers to remotely access computers. They were implanted by exploiting weaknesses in Exchange at the beginning of this year.
A Justice Department official said: “Today’s operation removed the remaining Web Shells of an early hacker group. These Web Shells can be used to maintain and upgrade persistent, unauthorized access to the U.S. network.”
Why did LG give up its smartphone business? We discussed it on the gadget 360 podcast Orbital. Later (from 22:00), we will discuss the new cooperative RPG shooting game “Outriders”. Orbital is available for Apple Podcast, Google Podcast, Spotify and wherever you get podcasts.