[ad_1]
The tech company is releasing updates for the thousands of affected people using its systems, while US authorities say the hack is an “active threat.”
The effects of an attack on Microsoft’s email infrastructure have reached Europe and the European Banking Authority has stated that its email servers have been compromised.
Details of the vulnerability in Microsoft Exchange, its system for managing its email services, emerged last week. The flaw allowed attackers to exploit and take control of email servers remotely and access their data.
Cybersecurity journalist and researcher Brian Krebs reported that around 30,000 US-based companies and organizations were affected.
Over the weekend, the White House described the incident as an “active threat.”
“Everyone who runs these servers – government, private sector, academia – must act now to patch them,” White House press secretary Jen Psaki said last week.
Now, vulnerabilities have reared their heads on this side of the Atlantic. The EBA said its investigation into the compromise was ongoing and that it is implementing more security measures to protect its systems.
“At this stage, the EBA’s email infrastructure has been secured and our analyzes suggest that no data extraction has taken place and we have no indication that the breach has gone beyond our email servers. the regulatory body said in a statement.
Chris Krebs, the former US government official who previously headed the Cybersecurity and Infrastructure Security Agency, said on Twitter that the attack is the “real deal” and that anyone running a Microsoft Outlook Web Access server must “make a compromise.”
Over the weekend, Microsoft released several updates to try to mitigate the threat.
In taking stock of the scope of the attacks, Microsoft has pointed the finger at the Chinese culprits. He has dubbed the attacking group Hafnium and said he is a “highly skilled and sophisticated actor.”
“Historically, Hafnium primarily targets entities in the United States for the purpose of extracting information from various industry sectors, including infectious disease researchers, law firms, institutions of higher education, defense contractors, policy think tanks, and NGO, “Microsoft said in a statement. blog post.
China has denied involvement in the attacks.
[ad_2]
