Microsoft servers hacked by Chinese groups, firm says
9 months ago
- #Microsoft
- #cybersecurity
- #China
- Chinese 'threat actors' hacked Microsoft's SharePoint servers, targeting business data.
- Groups involved include state-backed Linen Typhoon, Violet Typhoon, and Storm-2603.
- Hackers exploited vulnerabilities in on-premises SharePoint servers, not cloud-based services.
- Microsoft released security updates and urged customers to install them promptly.
- Hackers stole cryptographic material to maintain access to victims' SharePoint data.
- Targets included governments, defense sectors, NGOs, think tanks, and financial institutions.
- Mandiant Consulting confirmed victims across multiple sectors and global regions.
- Linen Typhoon has a 13-year history of stealing intellectual property.
- Violet Typhoon focused on espionage against ex-government and military personnel.
- Storm-2603 is assessed as a China-based threat actor with medium confidence.