Latest news with #CyberSecurityAssociationofChina
Ammon
6 days ago
- Politics
- Ammon
China accuses US of exploiting Microsoft zero-day in cyberattack
Ammon News - U.S. intelligence agencies launched cyberattacks on two Chinese military enterprises dating back to 2022, in one case exploiting a Microsoft zero-day, China alleged Friday. The Cyber Security Association of China said that in the first case, U.S. agencies from July of 2022 to July of 2023 'exploited a zero-day vulnerability in Microsoft Exchange Mail to attack and control the mail server of a major Chinese military enterprise for nearly a year,' according to a Google translation of the statement. They then used that access to steal data, the statement continues. In the second case, the association said the U.S. agencies 'launched a cyberattack against a Chinese military enterprise in the communications and satellite internet sectors' from July to November of last year by exploiting vulnerabilities in electronic file systems, where they also stole information. The statement didn't name either enterprise. While Chinese allegations of U.S. government hacking have become increasingly common — including a batch of allegations in April and in December of last year — the latest accusation is notable for its assertion that the agencies exploited a zero-day, or previously unknown and unpatched vulnerability, at U.S.-headquarted Microsoft. Last week, Microsoft accused Chinese government-linked hackers of exploiting zero-days in its Sharepoint product in its own most recent finger-pointing at Beijing. The Office of the Director of National Intelligence did not immediately respond to a request for comment Friday. Asked on Fox News in June about Chinese hacking and theft of U.S. intellectual property, President Donald Trump answered bluntly. 'You don't think we do that to them? We do. We do a lot of things,' Trump said. 'That's the way the world works. It's a nasty world.' China has also alleged cyberattacks from other governments, particularly from Taiwan, even as it has focused much of its attention on the United States. It tallied 600 foreign government-level attacks in 2024 alone. 'Hacker groups, particularly those affiliated with US intelligence agencies, leverage established cyberattack teams, extensive supporting engineering systems, a standardized attack equipment arsenal, and robust vulnerability analysis and discovery capabilities to conduct attacks and infiltration against [China's] critical information infrastructure, important information systems, and key personnel, posing a serious threat to national cybersecurity,' the Friday statement reads. CyberScoop
Time of India
01-08-2025
- Business
- Time of India
China accuses US of 'using' Microsoft 'bug' to spy on Chinese Military
Microsoft is again caught in China vs US cyber battle. This time China has accused America of using Microsoft bug to spy on the Chinese Military. According to a report in Bloomberg, China has accused the US of exploiting a flaw in Microsoft Corp's email servers to steal military data and launch cyberattacks on its defense sector. The accusations come from the Cyber Security Association of China. The association is backed by the powerful Cyberspace Administration of China. In a statement, the Cyber Security Association of China said that US actors had been linked to two major cyberattacks on Chinese military companies without naming them. They exploited flaws in Microsoft Exchange to control the servers of a key company in the defense sector for nearly a year, it added. Microsoft has repeatedly blamed China for major cyberattacks involving Microsoft Exchange. In 2021, an alleged Chinese operation compromised tens of thousands of Microsoft Exchange servers. In 2023, another alleged Chinese attack on Microsoft Exchange compromised senior US government officials' email accounts. Microsoft accuses Chinese hackers of exploiting SharePoint software by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like We Have No Words For Dog The Bounty Hunter's Transformation. Cash Roadster More recently, Microsoft said Chinese state-backed hacking groups had exploited vulnerabilities in its SharePoint file sharing software. Microsoft SharePoint is widely regarded as one of the biggest security breaches ever that impacted organisations world wide, including several US government departments. Chinese "threat actors" have hacked some Microsoft SharePoint servers and targeted the data of the businesses using them, the company said. According to reports, hackers breached about 400 government agencies, corporations and other groups around the world. According to cybersecurity researchers, most of the victims are in the US, followed by Mauritius, Jordan, South Africa and the Netherlands. Microsoft released security updates in response and advised all on-premises SharePoint server customers to install them. In response to Microsoft's claims, China's US embassy spokesman said in a statement, "China firmly opposes and combats all forms of cyber attacks and cyber crime." AI Masterclass for Students. Upskill Young Ones Today!– Join Now
Hindustan Times
01-08-2025
- Business
- Hindustan Times
China accuses US of cyberattacks using Microsoft's email server flaws
China accused the US of exploiting a flaw in Microsoft Corp.'s email servers to steal military data and launch cyberattacks on its defense sector. The Cyber Security Association of China said that US actors had been linked to two major cyberattacks on Chinese military companies without naming them.(Reuters/Representational Image) The Cyber Security Association of China said in a statement Friday that US actors had been linked to two major cyberattacks on Chinese military companies without naming them. They exploited flaws in Microsoft Exchange to control the servers of a key company in the defense sector for nearly a year, it added. The association is a little-known entity backed by the powerful Cyberspace Administration of China. The Redmond, Washington-based company has repeatedly blamed China for major cyberattacks involving Microsoft Exchange. In 2021, an alleged Chinese operation compromised tens of thousands of Microsoft Exchange servers. In 2023, another alleged Chinese attack on Microsoft Exchange compromised senior US officials' email accounts. A US government review later accused Microsoft of a 'cascade of security failures' over the 2023 incident. Also read: Microsoft's annual cloud revenue exceeds expectations, hits $75 amid AI focus Last month, Microsoft said Chinese state-backed hacking groups had exploited vulnerabilities in its SharePoint file sharing software. Hackers breached about 400 government agencies, corporations and other groups around the world, although the number could be a lot higher, according to Eye Security, the cybersecurity company that identified an early wave of attacks last month. Most of the victims are in the US, followed by Mauritius, Jordan, South Africa and the Netherlands, it added. Microsoft warned last month that hackers were actively targeting customers who manage SharePoint on their own networks, as opposed to being hosted and managed on the cloud.
