Dutch security agency says 1,200 ‘vulnerable’ Microsoft servers affected by security loophole as data stolen, emails sold online
If there are vulnerabilities in the Microsoft Exchange Server, it means that “data is stolen, malware is placed, back doors are built in and mailboxes are offered on the black market,” the NCSC said in a statement.
Cybercriminals may also be able to access other systems through Exchange, the NCSC warned, although it did not detail when specific attacks had been carried out or identify any victims.Also on rt.com Data stolen in new cyberattack on Norwegian Parliament linked to Microsoft software – spokesperson
Around 90 percent of the Netherlands’ Microsoft’s Exchange servers have been updated, but “a large number of servers remain vulnerable,” the NCSC said.
The agency’s warning comes after a Vietnamese security researcher last week published what appeared to be the first “proof-of-concept” demonstration of how malicious code can be used to exploit Exchange’s vulnerabilities.
The NCSC’s statement referred to the demonstration, the release of which was condemned by security analysts, who said it could be used to commit cybercrime.Also on rt.com Hackers say they breached 150,000 live-feed cameras, incl. in hospitals, prisons & schools to expose lax security standards
“Organizations and companies that still need to update are advised to do this as soon as possible, and to investigate what damage has been done,” the NCSC said.
Microsoft’s email and calendaring software was also thrown into the spotlight after it was reported last week that hackers had launched an attack on the Norwegian parliament.
Data was stolen in the attack, which was related to a “vulnerability” in the Exchange software – the second such incident to hit the parliament in six months.
Like this story? Share it with a friend!