Microsoft Exchange hack, explained

One week ago, Microsoft disclosed that Chinese hackers were gaining access to organizations’ email accounts through vulnerabilities in its Exchange Server email software and issued security patches.

The hack will probably stand out as one of the top cybersecurity events of the year, because Exchange is still widely used around the world. It could lead companies to spend more on security software to prevent future hacks, and to move to cloud-based email instead of running their own email servers in-house.

IT departments are working on applying the patches, but that takes time and the vulnerability is still widespread. On Monday, internet security company Netcraft said it had run an analysis over the weekend and observed over 99,000 servers online running unpatched Outlook Web Access software.

Shares of Microsoft stock have fallen 1.3% since March 1, the day before the company disclosed the issues, while the S&P 500 index is down

Read More

Microsoft Ignite Data and Analytics roundup: Platform extensions are the key theme

cosmos.jpg

The shift toward online digital conferences has prompted Microsoft to reconvene Ignite about six months early this year. Scanning the data and analytics announcements, the overriding theme is of extending the reach of the portfolio of Azure data platforms.

For data and analytics, the headlines on this go-round include a new Azure Managed Instance for Apache Cassandra; support for a MongoDB 4.0 API in Azure Cosmos DB; the general availability of Azure Synapse Link for Cosmos DB; and some enhancements to Azure Cache for Redis offering. And Microsoft is introducing new tools for data warehouse users to automate their migration to Azure Synapse Analytics. On the hybrid cloud front, there are several announcements for the software-defined hybrid platform Azure Arc, including support of Kubernetes (K8s) and the addition of Azure Machine Learning to the small, but growing stable of Azure services available on Arc.

Read More

Microsoft Says Chinese Hackers Targeted Groups Via Server Software | Technology News

By Raphael Satter and Christopher Bing

WASHINGTON (Reuters) – A China-linked cyberespionage group has been remotely plundering email inboxes using freshly discovered flaws in Microsoft mail server software, the company and outside researchers said on Tuesday – an example of how commonly used programs can be exploited to cast a wide net online.

In a blog post, Microsoft said the hacking campaign made use of four previously undetected vulnerabilities in different versions of the software and was the work of a group it dubs HAFNIUM, which it described as a state-sponsored entity operating out of China.

In a separate blog post, cybersecurity firm Volexity said that in January it had seen the hackers use one of the vulnerabilities to remotely steal “the full contents of several user mailboxes.” All they needed to know were the details of Exchange server and of the account they wanted to pillage its emails,

Read More

Microsoft Says Vaccine Tools Have ‘Fallen Short’ After DC Snags

(Bloomberg) —

Widely-used Microsoft Corp. vaccine scheduling software that has run into difficulties in states like Iowa and New Jersey is being blamed for problems that left some residents of the nation’s capital unable to book appointments.

After three straight days of issues with the District of Columbia’s online vaccination registration, the Redmond, Washington-based technology company released a statement along with the city government acknowledging “that our efforts have fallen short” and vowing to address the problems.

“We understand the frustration of individuals who attempted to utilize the District’s vaccination appointment portal this week,” they said. “We are committed to address technical issues so that the vaccination appointment portal is properly functional and accessible.”

The issues in DC represent another black eye for Microsoft, which has heavily touted its software as a way to help with rapid vaccine deployment and scheduling. In the past several years, the software giant has

Read More