CrissX
2021-03-10
Oh no
Microsoft’s big email hack: What happened, who did it, and why it matters
免责声明:上述内容仅代表发帖人个人观点,不构成本平台的任何投资建议。
分享至
微信
复制链接
精彩评论
我们需要你的真知灼见来填补这片空白
打开APP,发表看法
APP内打开
发表看法
4
2
{"i18n":{"language":"zh_CN"},"detailType":1,"isChannel":false,"data":{"magic":2,"id":323639393,"tweetId":"323639393","gmtCreate":1615336642112,"gmtModify":1703487482914,"author":{"id":3574890467076245,"idStr":"3574890467076245","authorId":3574890467076245,"authorIdStr":"3574890467076245","name":"CrissX","avatar":"https://static.tigerbbs.com/587e89272baf5d67633299a98a86e95f","vip":1,"userType":1,"introduction":"","boolIsFan":false,"boolIsHead":false,"crmLevel":2,"crmLevelSwitch":0,"individualDisplayBadges":[],"fanSize":4,"starInvestorFlag":false},"themes":[],"images":[],"coverImages":[],"extraTitle":"","html":"<html><head></head><body><p>Oh no</p></body></html>","htmlText":"<html><head></head><body><p>Oh no</p></body></html>","text":"Oh no","highlighted":1,"essential":1,"paper":1,"likeSize":2,"commentSize":4,"repostSize":0,"favoriteSize":0,"link":"https://laohu8.com/post/323639393","repostId":1167989655,"repostType":4,"repost":{"id":"1167989655","kind":"news","pubTimestamp":1615335734,"share":"https://www.laohu8.com/m/news/1167989655?lang=&edition=full","pubTime":"2021-03-10 08:22","market":"us","language":"en","title":"Microsoft’s big email hack: What happened, who did it, and why it matters","url":"https://stock-news.laohu8.com/highlight/detail?id=1167989655","media":"cnbc","summary":"KEY POINTS\n\nOn March 2, Microsoft said there were vulnerabilities in its Exchange Server mail and ca","content":"<div>\n<p>KEY POINTS\n\nOn March 2, Microsoft said there were vulnerabilities in its Exchange Server mail and calendar software for corporate and government data centers. The vulnerabilities go back 10 years, and...</p>\n\n<a href=\"https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html\">Web Link</a>\n\n</div>\n","source":"cnbc_highlight","collect":0,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Microsoft’s big email hack: What happened, who did it, and why it matters</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nMicrosoft’s big email hack: What happened, who did it, and why it matters\n</h2>\n\n<h4 class=\"meta\">\n\n\n2021-03-10 08:22 GMT+8 <a href=https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html><strong>cnbc</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>KEY POINTS\n\nOn March 2, Microsoft said there were vulnerabilities in its Exchange Server mail and calendar software for corporate and government data centers. The vulnerabilities go back 10 years, and...</p>\n\n<a href=\"https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html\">Web Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","type":0,"thumbnail":"","relate_stocks":{"MSFT":"微软"},"source_url":"https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html","is_english":true,"share_image_url":"https://static.laohu8.com/72bb72e1b84c09fca865c6dcb1bbcd16","article_id":"1167989655","content_text":"KEY POINTS\n\nOn March 2, Microsoft said there were vulnerabilities in its Exchange Server mail and calendar software for corporate and government data centers. The vulnerabilities go back 10 years, and have been exploited by Chinese hackers at least since January.\nThe group, which Microsoft has dubbed Hafnium, has aimed to gain information from defense contractors, schools and other entities in the U.S., according to a blog post by Microsoft VP Tom Burt.\nThe hack could lead companies to spend more on security software and adopting cloud-based email instead of running their own email servers in-house.\n\nOne week ago,Microsoftdisclosed that Chinese hackers were gaining access to organizations’ email accounts through vulnerabilities in its Exchange Server email software and issued security patches.\nThe hack will probably stand out as one of the top cybersecurity events of the year, because Exchange is still widely used around the world. It could lead companies to spend more on security software to prevent future hacks, and to move to cloud-based email instead of running their own email servers in-house.\nIT departments are working on applying the patches, but that takes time and the vulnerability is still widespread. On Monday, internet security company Netcraftsaidit had run an analysis over the weekend and observed over 99,000 servers online running unpatched Outlook Web Access software.\nShares of Microsoft stock have fallen 1.3% since March 1, the day before the company disclosed the issues, while the S&P 500 index is down 0.7% over the same period.\nHere’s what you need to know about the Microsoft cyberattacks:\nWhat happened?\nOn March 2, Microsoftsaidthere were vulnerabilities in its Exchange Server mail and calendar software for corporate and government data centers. The company released patches for the 2010, 2013, 2016 and 2019 versions of Exchange.\nGenerally, Microsoft releases updates on Patch Tuesday, which occurs on the second Tuesday of each month, but the announcement about attacks on the Exchange software came on the first Tuesday, emphasizing its significance.\nMicrosoft also took the unusual step of issuing a patch for the 2010 edition, even though support for it ended in October. “That means the vulnerabilities the attackers exploited have been in the Microsoft Exchange Server code base for more than 10 years,” security blogger Brian Krebs wrote in a Mondayblog post.\nHackers had initially pursued specific targets, but in February they started going after more servers with the vulnerable software that they could spot, Krebs wrote.\nAre people exploiting the vulnerabilities?\nYes. Microsoftsaidthe main group exploiting vulnerabilities is a nation-state group based in China that it calls Hafnium.\nWhen did the attacks start?\nAttacks on the Exchange software started in early January, according to security companyVolexity, which Microsoft gave credit to for identifying some of the issues.\nHow does the attack work?\nTom Burt, a Microsoft corporate vice president, described in ablog postlast week how an attacker would go through multiple steps:\nFirst, it would gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access. Second, it would create what’s called a web shell to control the compromised server remotely. Third, it would use that remote access – run from the U.S.-based private servers – to steal data from an organization’s network.\nAmong other things, attackersinstalled and used softwareto take email data, Microsoft said.\nDo the flaws affect cloud services like Office 365?\nNo. The four vulnerabilities Microsoft disclosed do not affect Exchange Online, Microsoft’s cloud-based email and calendar service that’s included in commercial Office 365 and Microsoft 365 subscription bundles.\nWhat are the attackers targeting?\nThe group has aimed to gain information from defense contractors, schools and other entities in the U.S., Burt wrote. Victims include U.S. retailers, according to security companyFireEye, and the city of Lake Worth Beach, Fla., according to thePalm Beach Post. The European Banking Authoritysaidit had been hit.\nHow many victims are there altogether?\nMedia outlets have published varying estimates on the number of victims of the attacks. On Friday theWall Street Journal, citing an unnamed person, said there could be 250,000 or more.\nWill the patches banish any attackers from compromised systems?\nMicrosoftsaid no.\nDoes this have anything do with SolarWinds?\nNo, the attacks on Exchange Server do not seem to not related to the SolarWinds threat, to which former Secretary of State Mike Pompeo said Russia was probably connected. Still, the disclosure comes less than three months after U.S. government agencies and companies said they hadfound malicious contentin updates to Orion software from information-technology companySolarWindsin their networks.\nWhat’s Microsoft doing?\nMicrosoft is encouraging customers to install the security patches it delivered last week. It has alsoreleased informationto help customers figure out if their networks had been hit.\n“Because we are aware of active exploits of related vulnerabilities in the wild (limited targeted attacks), our recommendation is to install these updates immediately to protect against these attacks,” Microsoft said in ablog post.\nOn Monday the company made it easier for companies to treat their infrastructure byreleasingsecurity patches for versions of Exchange Server that did not have the most recent available software updates. Until that point, Microsoft had said customers would have to apply the most recent updates before installing the security patches, which delayed the process of dealing with the hack.\n“We are working closely with the CISA [the Cybersecurity and Infrastructure Security Agency], other government agencies, and security companies to ensure we are providing the best possible guidance and mitigation for our customers,” a Microsoft spokesperson told CNBC in an email on Monday. “The best protection is to apply updates as soon as possible across all impacted systems. We continue to help customers by providing additional investigation and mitigation guidance. Impacted customers should contact our support teams for additional help and resources.”\nWhat are the implications?\nThe cyberattacks could end up being beneficial for Microsoft. Besides making Exchange Server, it sells security software that clients might be inclined to start using.\n“We believe this attack, like SolarWinds, will keep cybersecurity urgency high and likely bolster broad-based security spending in 2021, including with Microsoft, and speed the migration to cloud,” KeyBanc analysts led by Michael Turits, who have the equivalent of a buy rating on Microsoft stock, wrote in a note distributed to clients on Monday.\nBut many Microsoft customers have already switched to cloud-based email, and some companies rely on Google’s cloud-based Gmail, which is not affected by the Exchange Server flaws. As a result, the impact of the hacks could have been worse if they had come five or 10 years ago, and there won’t necessarily be a race to the cloud as a result of Hafnium.\n“I meet a lot of organizations, big and small, and it’s more the exception than the rule when somebody’s all on prem,” said Ryan Noon, CEO of e-mail security start-up Material Security.\nDA Davidson analysts Andrew Nowinski and Hannah Baade wrote in a Tuesday note that the attacks could increase adoption of products from security companies such asCyberark,ProofpointandTenable.","news_type":1},"isVote":1,"tweetType":1,"viewCount":41,"commentLimit":10,"likeStatus":false,"favoriteStatus":false,"reportStatus":false,"symbols":[],"verified":2,"subType":0,"readableState":1,"langContent":"EN","currentLanguage":"EN","warmUpFlag":false,"orderFlag":false,"shareable":true,"causeOfNotShareable":"","featuresForAnalytics":[],"commentAndTweetFlag":false,"andRepostAutoSelectedFlag":false,"upFlag":false,"length":4,"xxTargetLangEnum":"ORIG"},"commentList":[],"isCommentEnd":true,"isTiger":false,"isWeiXinMini":false,"url":"/m/post/323639393"}
精彩评论