A vulnerability in the e-mail exchange server made users worldwide vulnerable to a group of hackers.
A security gap in Microsoft's e-mail program that has now been closed was used by the hacking group “Haifum” to attack hundreds of thousands of companies and organizations worldwide. In the USA alone, 30,000 companies and organizations are said to be affected. This is reported by security specialist Brian Krebs.
“Haifum” is an “unusually aggressive Chinese cyber espionage unit,” says KrebsOnSecurity. The Chinese government said there was insufficient evidence of the origin of the hack. The attackers were able to exploit 4 vulnerabilities in the software to remotely access e-mails.
In addition, the hackers were able to leave a password-protected “web shell” on the hacked systems, which can be easily accessed via an Internet browser. This enables access to the victims' respective servers. Microsoft urges you to install the latest security update as soon as possible.
