Microsoft has released emergency patches for four previously unknown vulnerabilities in Exchange Server that a cyberespionage group was exploiting to break into organizations. The flaws allow the extraction of mailbox contents and the installation of backdoors on vulnerable servers.[ Learn 12 tips for effectively presenting cybersecurity to the board and 6 steps for building a robust incident response plan. | Sign up for CSO newsletters. ]
Microsoft attributes the attacks to a Chinese APT group dubbed Hafnium that has a history of exploiting vulnerabilities in internet-facing servers and targeting Office 365 users. The group has targeted entities in the US including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.