“If the Microsoft Exchange servers they interacted with were fully patched and they actually deleted any and all web shells on the backdoor servers, it should be quite effective,” says Steven Adair, founder of security firm Volexity, which first identified the Hafnium attack. “Assuming these Microsoft Exchange servers were just backdoor with web shells, they […]
Given that Facebook is banned in China, the company may seem like an unlikely source of information about Chinese hacking campaigns against the country’s Uyghur ethnic minority. On Wednesday, though, the company announced that it had identified recent espionage campaigns targeted at the Uyghur community, primarily people living abroad in countries like Australia, Canada, Kazakhstan, […]
Few desktop and mobile applications are as heavily used as web browsers, yet browsers also introduce a slew of potential security exposures, no matter how carefully they’re locked down. Large organizations have relied on so-called “browser isolation” services to deal with this risk for years, but these tools are often slow and clunky. As a […]
When Microsoft revealed earlier this month that Chinese spies had gone on a historic hacking spree, observers reasonably feared that other criminals would soon ride that group’s coattails. In fact, it didn’t take long: A new strain of ransomware called DearCry attacked Exchange servers using the same vulnerabilities as early as March 9. While DearCry […]
When news hit earlier this week that Chinese hackers were actively targeting Microsoft Exchange servers, the cybersecurity community warned that the zero-day vulnerabilities they were exploiting might have allowed them to hit countless organizations around the world. Now it’s becoming clear just many email servers they hacked. By all appearances, the group known as Hafnium […]
First it was SolarWinds, a reportedly Russian hacking campaign that stretches back almost a year and has felled at least nine US government agencies and countless private companies. Now it’s Hafnium, a Chinese group that’s been attacking a vulnerability in Microsoft Exchange Server to sneak into victims’ email inboxes and beyond. The collective toll of […]
First it was SolarWinds, a reportedly Russian hacking campaign that stretches back almost a year and has felled at least nine US government agencies and countless private companies. Now it’s Hafnium, a Chinese group that’s been attacking a vulnerability in Microsoft Exchange Server to sneak into victims’ email inboxes and beyond. The collective toll of […]
Over the weekend, word emerged that a hacker breached far-right social media website Gab and downloaded 70 gigabytes of data by exploiting a garden-variety security flaw known as an SQL injection. A quick review of Gab’s open source code shows that the critical vulnerability—or at least one very much like it—was introduced by the company’s […]
WIRED reached out to Gab for comment Friday, offering to share what we’d learned about the nature of the site’s data breach. The company’s CEO, Andrew Torba, responded in a public statement on the company’s blog that “reporters, who write for a publication that has written many hit pieces on Gab in the past, are […]
Together, in other words, the groups Dragos call Kamacite and Electrum make up what other researchers and government agencies collectively call Sandworm. “One group gets in, the other group knows what to do when they get in,” says Caltagirone. “And when they operate separately, which we also watch them do, we clearly see that neither […]