Go Back   Carder.life > [en] International Forum > Carding News
Reload this Page Hackers stole data from Norway parliament exploiting Microsoft Exchange flaws

CARDER.MARKET - CARDING FORUM FOR PROFESSIONAL CARDERS


Reply
 
Thread Tools Display Modes
  #1  
Old 01-28-2025, 07:52 AM
Artifact's Avatar

Artifact Artifact is offline
Administrator
Join Date: Jan 2024
Posts: 0
Default

Norway ‘s parliament, the Storting, was hit by a new cyberattack, threat actors stole data exploiting the recently disclosed vulnerabilities in Microsoft Exchange, collectively tracked as ProxyLogon.

On March 2nd, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild.
The IT giant reported that at least one China-linked APT group, tracked as HAFNIUM, chained these vulnerabilities to access on-premises Exchange servers to access email accounts, and install backdoors to maintain access to victim environments. According to Microsoft, the Hafnium APT exploited these vulnerabilities in targeted attacks against US organizations.
“The Storting has again been hit by an IT attack. The attack is linked to vulnerabilities in Microsoft Exchange, which affected several businesses.” reads a statement issued by the Storting.
“The Storting does not yet know the full extent of the attack. A number of measures have been implemented in our systems, and the analysis work is ongoing. The Storting has received confirmation that data has been extracted,”
Storting director Marianne Andreassen confirmed that the data breach.
“We know that data has been extracted, but we do not yet have a full overview of the situation. We have implemented comprehensive measures and cannot rule out that it will be implemented further.” said Andreassen.
“The work takes place in collaboration with the security authorities. The situation is currently unclear, and we do not know the full potential for damage.”
This isn’t the first time that Storting was hit by a cyber attack, in August 2020 the authorities announced that Norway ‘s Parliament was the target of a major attack that allowed hackers to access emails and data of a small number of parliamentary representatives and employees. Norway‘s government blamed Russia for the cyberattack.
At the time of this writing, it is not possible to attribute the recent attack to a specific threat actor. Security experts observed Hafnium wasn’t the unique APT group exploiting Microsoft Exchange vulnerabilities in his attacks.
ESET researchers pointed out that other threat actors, such as cybercrime Tick, LuckyMouse, and Calypso, had also been exploiting the ProxyLogon flaws before Microsoft addressed them.
  #2  
Old 01-28-2025, 08:17 AM
obed14's Avatar

obed14 obed14 is offline
Join Date: Jun 2022
Posts: 0
Default

Hackers have exploited the source code Azure Intune and Exchang of Microsoft and exploit the server's vulnerabilities Exchange Server zero day
Reply

Tags
NULL

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump




All times are GMT. The time now is 11:38 AM.

Contact Us - Carder.life - Archive - Top