AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages!

You are not logged in. Login here for full access privileges.

Previous Message | Next Message | Back to Computer Support/Help/Discussion...  <--  <--- Return to Home Page
   Networked Database  Computer Support/Help/Discussion...   [858 / 1624] RSS
 From   To   Subject   Date/Time 
Message   Sean Dennis    All   Why I don't use M$   July 12, 2023
 10:01 PM *  

Another reason I don't trust Microsoft products: too easy to break into...

From: https://tinyurl.com/mry58wez (cnbc.com)

===
   Chinese intelligence hacked U.S. government emails in 'significant' breach

   Published Wed, Jul 12 20239:51 AM EDT
   Updated Wed, Jul 12 20233:53 PM EDT
   Rohan Goswami@in/rohangoswamicnbc/@rogoswami

   Key Points
     * European and U.S. government agencies were infiltrated by a Chinese
       cyber espionage group, government officials and Microsoft warned, part
       of a wider espionage effort that affected over two dozen government
       agencies in Europe and the U.S.
     * It's the second time in recent months government officials have
       acknowledged a China-based cyberattack on U.S. government
       infrastructure.
     * The threat was contained shortly after it was first reported, but data
       suggests the hackers had access to government systems since at least
       May 2023.

   Chinese intelligence hacked into Microsoft email accounts belonging to two
   dozen government agencies, including the State Department, in the U.S. and
   Western Europe in a "significant" breach, according to
   Microsoft and U.S. national security officials.

   "The Senate Intelligence Committee is closely monitoring what appears to
   be a significant cybersecurity breach by Chinese intelligence," Sen. Mark
   Warner, D-VA, and chair of the Select Committee on Intelligence said
   Wednesday. "It's clear that the PRC is steadily improving its cyber
   collection capabilities directed against the U.S. and our allies. Close
   coordination between the U.S. government and the private sector will be
   critical to countering this threat."

   A spokesperson for Warner confirmed that he had been briefed on the
   incident. The State Department also confirmed that it had been affected
   Wednesday.

   "The Department of State detected anomalous activity, took immediate steps
   to secure our systems and will continue to closely monitor and quickly
   respond to any further activity," a spokesperson told CNBC.

   The hackers accessed Microsoft-powered email accounts at the agencies as
   part of a continued effort by China-based actors to spy on and steal
   sensitive government and corporate data. The hacking group, code-named
   Storm-0558 by Microsoft, also compromised personal accounts "associated"
   with the agencies, likely employees of the agencies.

   The compromise was "mitigated" by Microsoft cybersecurity teams after it
   was first reported to the company in mid-June 2023, Microsoft said in a
   pair of blog posts about the incidents. The hackers had been inside
   government systems since at least May, the company said.

   "This was a very advanced technique used by the threat actor against a
   limited number of high value targets. Each time the technique was used, it
   increased the chances of the threat actor getting caught," said Google
   Cloud's Mandiant senior vice president and chief technical officer Charles
   Carmakal. "Kudos to Microsoft for leaning in, figuring this out,
   remediating, collaborating with partners and being transparent."

   U.S. government officials identified the potential intrusion to Microsoft.
   The National Security Council didn't identify which agencies had been
   affected, although a bulletin from the FBI and the Cybersecurity and
   Infrastructure Security Agency said the first report was made by a single
   executive branch agency.

   "Last month, U.S. government safeguards identified an intrusion in
   Microsoft's cloud security, which affected unclassified systems. Officials
   immediately contacted Microsoft to find the source and vulnerability in
   their cloud service," National Security Council spokesperson Adam Hodge
   said in a statement to The Wall Street Journal. "We continue to hold the
   procurement providers of the U.S. government to a high security
   threshold."

   Microsoft is a major government contractor, and its Exchange software is
   used almost ubiquitously by public- and private-sector clients. The
   company has invested significantly in cybersecurity research and threat
   containment, given how commonplace its software is and how high-profile
   its many clients are.

   Top law firm Covington & Burling, for example, was compromised by Chinese
   hackers using an exploit of Microsoft server software in 2020.

   The latest compromise comes months after Microsoft and top government
   officials acknowledged another Chinese state-backed group was behind
   espionage efforts that targeted "critical" U.S. civilian and military
   infrastructure, including a naval base in Guam.

   It's also a timely example of the kind of threat U.S. national security
   officials have been warning about for months and years. Jen Easterly, the
   top U.S. cybersecurity official, has called China an "epoch-defining"
   threat.
===

-- Sean

--- Maximus/2 3.01
 * Origin: Micronet World HQ - bbs.outpostbbs.net:10323 (618:618/1)
  Show ANSI Codes | Hide BBCodes | Show Color Codes | Hide Encoding | Hide HTML Tags | Show Routing
Previous Message | Next Message | Back to Computer Support/Help/Discussion...  <--  <--- Return to Home Page

VADV-PHP
Execution Time: 0.0144 seconds

If you experience any problems with this website or need help, contact the webmaster.
VADV-PHP Copyright © 2002-2024 Steve Winn, Aspect Technologies. All Rights Reserved.
Virtual Advanced Copyright © 1995-1997 Roland De Graaf.
v2.1.241108