Chinese Hacking Spree Hit an 'Astronomical' Number of Victims

When news hit earlier this week that Chinese hackers were actively targeting Microsoft Exchange servers, the cybersecurity community warned that the zero-day vulnerabilities they were exploiting might have allowed them to hit countless organizations around the world. Now it's becoming clear just how many email servers they hacked.

Wired

GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM's layered persistence - Microsoft Security

Microsoft continues to work with partners and customers to expand our knowledge of the threat actor behind the nation-state cyberattacks that compromised the supply chain of SolarWinds and impacted multiple other organizations. As we have shared previously, we have observed the threat actor using both backdoor and other malware implants to establish sustained access to affected networks.

Microsoft Security

The sudden explosion of zero-day attacks - Security Conversations

In my 20+ years writing about hackers and tracking advanced threats, I've never seen this volume of in-the-wild zero-day exploitation happening at the same time. Last week alone, we saw five 0-days exploited in the wild, including a mysterious Chrome attack and Chinese cyberspies hitting tens-of-thousands of companies globally via Microsoft Exchange server vulnerabilities.

Security Conversations

Three Top Russian Cybercrime Forums Hacked

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. In two of the intrusions, the attackers made off with the forums' user databases, including email and Internet addresses and hashed passwords.

KrebsOnSecurity

Mitigate Microsoft Exchange On-Premises Product Vulnerabilities

CISA partners have observed active exploitation of vulnerabilities in Microsoft Exchange on-premises products. Neither the vulnerabilities nor the identified exploit activity is currently known to affect Microsoft 365 or Azure Cloud deployments. Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network.

CISA

Women in Cybersecurity

Who has had the biggest impact on my professional career? Well, it has to be Dr. Jessica Barker. She has not only mentored and supported me in my early career, but I'm also now lucky enough to call her my boss and also a dear friend.

turtl.co

A Basic Timeline of the Exchange Mass-Hack

Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here's a brief timeline of what we know leading up to last week's mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with...

KrebsOnSecurity

More than 20,000 U.S. organizations compromised through Microsoft flaw: source

More than 20,000 American organizations have been compromised through a back door installed via a recently patched flaw in Microsoft Corp's flagship email software program, a person familiar with the U.S. government's response to the hacking spree said on Friday.

U.S.

NSA and CISA Release Cybersecurity Information on Protective DNS

The National Security Agency and Cybersecurity and Infrastructure Security Agency (CISA) released a cybersecurity information sheet, "Selecting a Protective DNS Service" on Thursday. This publication details the benefits of using a Protective Domain Name System (PDNS), which criteria to consider when selecting a PDNS provider, and how to effectively implement PDNS.

National Security Agency Central Security Service