Microsoft Shares Info on Nation-State Actor ‘Hafnium’

Microsoft Shares Info on Nation-State Actor ‘Hafnium’
Cyber threat against US entities

Microsoft has found that a state-sponsored threat actor operating from China, called Hafnium, is targeting U.S. defense contractors, law firms, policy think tanks, infectious disease researchers and other entitles to steal data by compromising on-premises Exchange Server software.

Tom Burt, corporate vice president for customer security and trust at Microsoft, wrote in a blog post published Tuesday that the Microsoft Threat Intelligence Center discovered that Hafnium carried out its operations through U.S.-based leased virtual private servers.

Hafnium uses three steps to carry out its attacks: gaining access to a server using undetected vulnerabilities and stolen passwords, creating a web shell to remotely control the compromised server and exfiltrating data using remote access.

The company issued security updates to help clients running Exchange Server to protect themselves against Hafnium-led attacks and informed U.S. government agencies on the threat actor's activity.

Burt noted that Microsoft worked with researchers from Dubex and Volexity to address the cyber threat posed by Hafnium.

You may also be interested in...

Ed Sheehan President

CTC to Continue Supporting USAF Facilities Under New Contract Modification; Ed Sheehan Quoted

Concurrent Technologies Corp. has secured a contract modification to help the U.S. Air Force manage facilities and corresponding utility systems. The company said Tuesday it will continue to deliver subject matter expertise and program management services for USAF facilities under an existing five-year, $21 million contract.

RFCM test Navy

Navy Tests Airworthiness of BAE-Made RF Countermeasure Tech for P-8A Aircraft

The U.S. Navy has demonstrated the airworthiness of a BAE Systems-made prototype of a technology meant to provide the P-8A Poseidon aircraft with radio frequency defense. The pod-mounted radiofrequency countermeasure passed its airworthiness test while installed on the P-8A platform operated by Air Test and Evaluation Squadron or VX 20, Naval Air Systems Command said Friday.

Mk 18 Mod 2 UUV

Huntington Ingalls Subsidiary Books Potential $75M Navy UUV Payload Modernization IDIQ

A Huntington Ingalls Industries business unit has received a potential five-year, $74.7 million contract to help update payload for the U.S. Navy’s Mk 18 Mod 2 Kingfish unmanned underwater vehicles. HII’s Hydroid subsidiary will provide Increment II hardware for the Mk 18 Mod 2 UUV as part of the indefinite-delivery/indefinite-quantity award, the Department of Defense said Tuesday.