Up To 60,000 Computer Systems Exposed In Germany To Microsoft Flaw (reuters.com) 14
As many as 60,000 computer systems in Germany were exposed to a flaw that allows unauthorized users to access systems in Microsoft's email software, the head of its cybersecurity watchdog said on Wednesday. Reuters reports: More than half of the vulnerabilities were addressed following a warning last weekend by the Federal Office for Information Security (BSI), but around 25,000 systems still need to be fixed, BSI chief Arne Schoenbohm said. "The warning has worked. In Germany, many Exchange servers have been secured by downloading patches," Schoenbohm said in written comments to Reuters. "Every vulnerable system is one too many and can lead to harm."
In a 14-page report on the Microsoft vulnerability, the BSI said the behavior of hackers exploiting it had changed sharply since it was publicly revealed. Initially, most targets had been think tanks, universities, non-governmental organizations, law firms and defense companies - mostly in the United States. "Now, these exploits are being deployed at mass scale against thousands of targets - apparently worldwide," the report said. At least 10 different hacking groups were using the latest flaw in Microsoft's mail server software to break into targets around the world, according to researchers at cybersecurity company ESET. In Germany, two federal authorities have been affected by the hack, the BSI said, declining to say which.
In a 14-page report on the Microsoft vulnerability, the BSI said the behavior of hackers exploiting it had changed sharply since it was publicly revealed. Initially, most targets had been think tanks, universities, non-governmental organizations, law firms and defense companies - mostly in the United States. "Now, these exploits are being deployed at mass scale against thousands of targets - apparently worldwide," the report said. At least 10 different hacking groups were using the latest flaw in Microsoft's mail server software to break into targets around the world, according to researchers at cybersecurity company ESET. In Germany, two federal authorities have been affected by the hack, the BSI said, declining to say which.
Tux: "Miss me yet?" (Score:4, Interesting)
Maybe after this they'll consider reopening & expanding the LiMux project. [wikipedia.org]
Re: (Score:2)
They will probably move to the cloud. It's become apparent that many sysadmins are not up to the job, and figuring out if your one is any good is difficult.
For stuff like email a cloud service from a reputable supplier offers a cheap and secure alternative, likely better than what your staff can build and maintain themselves.
Re: Tux: "Miss me yet?" (Score:2)
Theres 2 potential problems with that though.
1) its no guarantee, there are plenty of examples where just being a big corp was not enough to protect your identity. They can be just as likely to be complacent. In fact it often makes them a more likely target. The bigger they are the harder they fall, so to speak.
2) if you put your eggs in this basket, assuming this cloud service will always be there; such as gmail, or 365; and they pull the plug on you, all your identify is now hosed. Your email recovery
Re: (Score:1)
Linux cloud? Imagine a Beowulf cluster of...
After Office 365 and Microsoft 365 (Score:2)
Here Microsoft Flaw 25000!
Re: After Office 365 and Microsoft 365 (Score:1)
Nah mate, their next offering will be wide open flaws 24/7/365.25... so as not to miss anything but the odd leap second.
A flaw in MS software? (Score:3)
Re: (Score:2)
Don't you know software never has bugs! Microsoft's code would never [dzone.com] bugs, right? /s Oh wait ...
A "minor" problem. (Score:2)
Just declare those 60,000 computers, minors and the law will take care of the rest.
til (Score:2)
Today I learned that there are only 60,000 Windows computers in Germany.
Re: til (Score:1)
Up To 60,000 Computer Systems Exposed In Germany T (Score:2)