

US Nuclear Weapons Agency 'Among 400 Organizations Breached By Chinese Hackers' (slashdot.org) 26
A cyber-espionage campaign exploiting unpatched Microsoft SharePoint vulnerabilities has breached approximately 400 organizations worldwide, including the US National Nuclear Security Administration, according to Netherlands-based cybersecurity firm Eye Security. The figure represents a four-fold increase from 100 organizations cataloged over the weekend, with researchers calling it likely an undercount since not all attack vectors leave detectable artifacts.
Microsoft identified three Chinese groups -- state-backed Linen Typhoon and Violet Typhoon, plus China-based Storm-2603 -- as exploiting the vulnerabilities in on-premises SharePoint servers to steal authentication credentials and execute malicious code remotely. The campaign began July 7 and was first detected July 18 when Eye Security found unusual activity on a customer's server. Victims include the US Energy Department, Education Department, Florida's Department of Revenue, Rhode Island General Assembly, and European and Middle Eastern governments.
Re: (Score:1)
While you were wasting your time learning Rust, I learned Chinese.
How many poisoned spam files did you get today? (Score:2)
Earlier I noticed two spams that had bypassed the evil google's so-called spam filters.
Relevant per The Hacker and the State by Ben Buchanan. That sort of poison file is a primary tool for state-supported hackers targeting various organizations like this nuclear weapons agency. Of course when they go after an important target they are using retail-level spear phishing rather than the wholesale-level phishing that I'm seeing. I believe the targeted spear phishing is rather more likely to bypass the spam fi
Maybe (Score:2)
Maybe dey can use dem some o dat dare fancy "AI" to stop dem Chi-knees" from takin' all o dem secrets and such.
Re: (Score:1)
Maybe dey can use dem some o dat dare fancy "AI" to stop dem Chi-knees" from takin' all o dem secrets and such.
Can you please translate that message into Bidenese for me, funded by Bidenomics under the Department of Educashun? It’s not quite muddled enough, and I prefer to be spoken to by Dementia.
If that’s not available, a cackling hyena masquerading as a Vice President will suffice. After all, that was plenty good enough on an American Election Day in the past.
Re: Maybe (Score:2)
"and I prefer to be spoken to by Dementia."
Then you should ask for a translation into Cheeto.
Re: (Score:2)
"I prefer to be spoken to by Dementia"
then go listen to Trump
Bullshit (Score:1, Interesting)
I would never trust Microsoft's analysis attributing it to China-backed groups. I worked for an Israeli software vendor and saw enough to never trust anything they sell to the US alphabet agencies, stuff FAR, FAR MORE IMPORTANT than Sharepoint.
Israel and China are not friends, and it would not surprise me at all if this is intentional false-attribution, if not by Microsoft themselves, who is deeply in bed with Israel, but by the IDF.
Re: (Score:2)
Israel and China are not friends
That explains why China didn't show up at Israel's birthday party. So very sad...
Re: Bullshit (Score:2)
I fully endorse your message.
Waiiiit...
Microsoft is publicly known to be in bed with Israel so as speculation goes, at least it's based in fact.
Lawsuits (Score:2)
Shall we play a Game? (Score:3)
Re: (Score:2)
It didn't say *what* information was accessible. For all we know it could just be their vacation schedules. (Yeah, not the way to bet. But for who knows?)
Re: (Score:2)
Hard not to be jaded (Score:2, Troll)
In the past 40ish years we have watched the international tourist class lobby Washington for laws that plainly worked to dissolve any bulwark we had to prevent foreign spies from infiltrating the academic defense industrial complex.
Then the same international tourist class management of those companies managed to make political donations to ensure that any rules that would have stopped them from using foreign nationals and projects delivered to security critical national defense organs were gone, branded as
Re: (Score:3)
... 'f***k it we are just going put Sharepoint where some threat actor can reach it...
You know the NNSA also has a lot of unclassified documents, right? Sure, even unclassified stuff can be sensitive, but what gave you the impression there was any classified data on the public-internet-connected Sharepoint server?
As for ranting about foreign nationals.. what makes you think NNSA did not follow their strict policies about how/when foreign nationals are provided access to classified files (are you a military rep from France or UK who has treaty agreement rights to benefit from weapons data?
Amateurs doing IT security ... (Score:2)
... are the ones that hand everything to the enemy these days. Obviously, the real problems are on the incompetent "leadership" layers.
Re: (Score:2)
I'll agree about security decisions being made by incompetent people, but I'm not sure those incompetent people have ever worked in IT, much less in IT security. Good security is often inconvenient, and usually more (immediately) expensive than just ignoring the problem. I've experienced arguing for security (well, I wasn't a boss, but it was a small group) and ended up trying to convince a lawyer...unsuccessfully.
Re: (Score:2)
And that is why you get regulation. Look at anything that is regulated and you find idiots and greedy assholes that at some time in the past overdid it with not doing things right and the damage became unacceptable. Being unwilling or incapable of listening to experts makes you responsible.
New product idea (Score:2)
Place in front of firewall.
Never attribute... (Score:2)
Select the excuse that won't get you sacked: