At least 10 hacking groups using Microsoft software flaw — researchers

FireEye CEO Kevin Mandia gives a tour of the cybersecurity company's office in Reston, Virginia, on March 9, 2021. FireEye has confirmed seeing “multiple likely-China groups” using the Microsoft flaws in different waves. (AP Photo/Nathan Ellgren)
Short Url
Updated 11 March 2021
Follow

At least 10 hacking groups using Microsoft software flaw — researchers

  • The security holes in the widely used mail and calendaring solution leave the door open to industrial-scale cyber espionage
  • Microsoft has blamed the hack on China. The Chinese government denies any role

WASHINGTON: At least 10 different hacking groups are using recently discovered flaws in Microsoft Corp’s mail server software to break in to targets around the world, cybersecurity company ESET said in a blog post on Wednesday.
The breadth of the exploitation adds to the urgency of the warnings being issued by authorities in the United States and Europe about the weaknesses found in Microsoft’s Exchange software.
The security holes in the widely used mail and calendaring solution leave the door open to industrial-scale cyber espionage, allowing malicious actors to steal emails virtually at will from vulnerable servers or move elsewhere in the network. Tens of thousands of organizations have already been compromised, Reuters reported last week, and new victims are being made public daily.
Earlier on Wednesday, for example, Norway’s parliament announced data had been “extracted” in a breach linked to the Microsoft flaws. Germany’s cybersecurity watchdog agency also said on Wednesday two federal authorities had been affected by the hack, although it declined to identify them.
While Microsoft has issued fixes, the sluggish pace of many customers’ updates — which experts attribute in part to the complexity of Exchange’s architecture — means the field remains at least partially open to hackers of all stripes. The patches do not remove any back door access that has already been left on the machines.
In addition, some of the back doors left on compromised machines have passwords that are easily guessed, so that newcomers can take them over.
Microsoft declined comment on the pace of customers’ updates. In previous announcements pertaining to the flaws, the company has emphasized the importance of “patching all affected systems immediately.”
Although the hacking has appeared to be focused on cyber espionage, experts are concerned about the prospect of ransom-seeking cybercriminals taking advantage of the flaws because it could lead to widespread disruption.
ESET’s blog post said there were already signs of cybercriminal exploitation, with one group that specializes in stealing computer resources to mine cryptocurrency breaking in to previously vulnerable Exchange servers to spread its malicious software.
ESET named nine other espionage-focused groups it said were taking advantage of the flaws to break in to targeted networks — several of which other researchers have tied to China. Microsoft has blamed the hack on China. The Chinese government denies any role.
Intriguingly, several of the groups appeared to know about the vulnerability before it was announced by Microsoft on March 2.
Ben Read, a director with cybersecurity company FireEye Inc. , said he could not confirm the exact details in the ESET post but said his company had also seen “multiple likely-China groups” using the Microsoft flaws in different waves.
ESET researcher Matthieu Faou said in an email it was “very uncommon” for so many different cyber espionage groups to have access to the same information before it is made public.
He speculated that either the information “somehow leaked” ahead of the Microsoft announcement or it was found by a third party that supplies vulnerability information to cyber spies.
Taiwan-based researchers reported to Microsoft on Jan. 5 that they had found two new flaws which need patching. Those two were among those that began being used by the attackers shortly before or after the friendly report.
They said were investigating whether there had been a theft or leak on their side, since exploitation was discovered in the wild the same week later. So far, the group called Devcore said, they had found no evidence.
Top-flight hackers are also commonly targeted by other hackers. Just this week, Microsoft patched one of the flaws used by suspected North Koreans in attempts to steal information from Western researchers.
But simultaneous discovery happens fairly often, in part because researchers use the same or similar tools to hunt for serious flaws, and many eyes are looking at the same high-value targets.
“It is very likely that some actor groups may have being using these vulnerabilities and led to the result of the attacks being observed by other information security vendors,” Devcore member Bowen Hsu told Reuters.
But the security industry has been abuzz with other theories, including a hack of Microsoft’s systems for tracking bugs, which has happened in the past.

 

 


Primary schools empty as smog persists in India’s capital New Delhi

Updated 57 min 27 sec ago
Follow

Primary schools empty as smog persists in India’s capital New Delhi

  • New Delhi and the surrounding metropolitan area, home to more than 30 million people, consistently tops world rankings for air pollution in winter
  • The smog is blamed for thousands of premature deaths each year and is an annual source of misery for residents

NEW DELHI: Residents in India’s capital New Delhi again woke under a blanket of choking smog on Friday, a day after authorities closed primary schools and imposed measures aimed at alleviating the annual crisis.
Delhi and the surrounding metropolitan area, home to more than 30 million people, consistently tops world rankings for air pollution in winter.
The smog is blamed for thousands of premature deaths each year and is an annual source of misery for residents, with various piecemeal government initiatives failing to measurably address the problem.
All primary schools were shut by government order on Thursday night with young pupils – particularly vulnerable to smog-related ailments due to their age – instead moving to online lessons.
“I have an eight-year-old kid and he has been suffering from a cough the past couple of days,” Delhi resident Satraj, who did not give his surname, said on the streets of the capital.
“The government did the right thing by shutting down schools.”
Thursday’s edict also banned construction work, ordered drivers of older diesel-powered vehicles to stay off the streets and directed water trucks to spray roads in a bid to clear dust particles from the air.
Delhi’s air quality nonetheless deteriorated to “hazardous” levels for the fourth consecutive day this week, according to monitoring firm IQAir.
Levels of PM2.5 pollutants – dangerous cancer-causing microparticles that enter the bloodstream through the lungs – were recorded more than 26 times above the World Health Organization’s recommended daily maximum shortly after dawn on Friday.
Critics have consistently said that authorities have fallen short in their duty to tackle a crisis that blights the city each year.
“We haven’t responded to the emergency with the same intensity with which we are facing this crisis,” Sunil Dahiya of New Delhi-based advocacy group Envirocatalysts said.
The acrid smog over New Delhi each year is primarily blamed on stubble burning by farmers in nearby states to clear their fields for plowing.
A report by broadcaster NDTV on Friday said that more than 7,000 individual farm fires had been recorded in Punjab state, to the capital’s north.
Emissions from industry and numerous coal-fired power stations ringing the city, along with vehicle exhaust and the burning of household waste, also play a part.
“Since we haven’t yet carried out any systemic long-term changes, like the way we commute, generate power, or manage our waste, even the curtailed emissions will be high,” Dahiya said.
Cooler temperatures and slow-moving winds worsen the situation by trapping deadly pollutants each winter.
A study in The Lancet medical journal attributed 1.67 million premature deaths to air pollution in the world’s most populous country in 2019.


World’s most polluting cities revealed at COP29 as frustration grows at fossil fuel presence

Updated 15 November 2024
Follow

World’s most polluting cities revealed at COP29 as frustration grows at fossil fuel presence

  • Cities in Asia and the United States emit the most heat-trapping gas that feeds climate change, and Shanghai is the most polluting
  • That’s according to new data that combines observations and artificial intelligence to quantify emissions around the world

BAKU: Cities in Asia and the United States emit the most heat-trapping gas that feeds climate change, with Shanghai the most polluting, according to new data that combines observations and artificial intelligence.
Nations at UN climate talks in Baku, Azerbaijan are trying to set new targets to cut such emissions and figure out how much rich nations will pay to help the world with that task. The data comes as climate officials and activists alike are growing increasingly frustrated with what they see as the talks’ — and the world’s — inability to clamp down on planet-warming fossil fuels and the countries and companies that promote them.
Seven states or provinces spew more than 1 billion metric tons of greenhouse gases, all of them in China, except Texas, which ranks sixth, according to new data from an organization co-founded by former US Vice President Al Gore and released Friday at COP29.
Using satellite and ground observations, supplemented by artificial intelligence to fill in gaps, Climate Trace sought to quantify heat-trapping carbon dioxide, methane and nitrous oxide, as well as other traditional air pollutants worldwide, including for the first time in more than 9,000 urban areas.
Earth’s total carbon dioxide and methane pollution grew 0.7 percent to 61.2 billion metric tons with the short-lived but extra potent methane rising 0.2 percent. The figures are higher than other datasets “because we have such comprehensive coverage and we have observed more emissions in more sectors than are typically available,” said Gavin McCormick, Climate Trace’s co-founder.
Plenty of big cities emit far more than some nations
Shanghai’s 256 million metric tons of greenhouse gases led all cities and exceeded those from the nations of Colombia or Norway. Tokyo’s 250 million metric tons would rank in the top 40 of nations if it were a country, while New York City’s 160 million metric tons and Houston’s 150 million metric tons would be in the top 50 of countrywide emissions. Seoul, South Korea, ranks fifth among cities at 142 million metric tons.
“One of the sites in the Permian Basin in Texas is by far the No. 1 worst polluting site in the entire world,” Gore said. “And maybe I shouldn’t have been surprised by that, but I think of how dirty some of these sites are in Russia and China and so forth. But Permian Basin is putting them all in the shade.”
China, India, Iran, Indonesia and Russia had the biggest increases in emissions from 2022 to 2023, while Venezuela, Japan, Germany, the United Kingdom and the United States had the biggest decreases in pollution.
The dataset — maintained by scientists and analysts from various groups — also looked at traditional pollutants such as carbon monoxide, volatile organic compounds, ammonia, sulfur dioxide and other chemicals associated with dirty air. Burning fossil fuels releases both types of pollution, Gore said.
This “represents the single biggest health threat facing humanity,” Gore said.
Climate talks wrestle with fossil fuel interests
Gore criticized the hosting of climate talks, called COPs, by Azerbaijan, an oil nation and site of the world’s first oil wells, and by the United Arab Emirates last year.
“It’s unfortunate that the fossil fuel industry and the petrostates have seized control of the COP process to an unhealthy degree,” Gore said. “Next year in Brazil, we’ll see a change in that pattern. But, you know, it’s not good for the world community to give the No. 1 polluting industry in the world that much control over the whole process.”
Brazil President Luiz Inácio Lula da Silva has called for more to be done on climate change and has sought to slow deforestation since returning for a third term as president. But Brazil last year produced more oil than both Azerbaijan and the United Arab Emirates, according to the US Energy Information Administration.
On Friday, former UN secretary-general Ban Ki-moon, former UN climate chief Christina Figueres and leading climate scientists released a letter calling for “an urgent overhaul” on climate talks.
The letter said the “global climate process has been captured and is no longer fit for purpose” in response to Azerbaijan’s president Ilham Aliyev saying that oil and gas are a “gift of the gods.”
UN Environment Programme Executive Director Inger Andresen said she understands much of the frustration in the letter calling for massive reform of the negotiation process, but said their push to slash emissions fits nicely with UN Secretary-General Antonio Guterres’ constant prodding.
One key benefit of the UN climate talks process is it is the only place where victim small island nations have an equal seat at the table, Andersen told The Associated Press. But the process has its limits because “the rules of the game are set by member states,” she said.
An analysis from the Kick Big Polluters Out coalition said Friday that the official attendance list of the talks featured at least 1,770 fossil fuel lobbyists.
At a press conference with small island nations chair Cedric Schuster said the negotiating bloc feels the need to remind everyone else why the talks matter.
“We’re here to defend the Paris agreement,” Schuster said, referring to the climate deal in 2015 to limit warming to 1.5 degrees Celsius (2.7 Fahrenheit). “We’re concerned that countries are forgetting that protecting the world’s most vulnerable is at the core of this framework.”


Daesh group gunmen kill politician in Pakistan

Updated 15 November 2024
Follow

Daesh group gunmen kill politician in Pakistan

  • Attackers escaped after shooting the Islamist politician in Bajaur district, near the border with Afghanistan where militants remain active

PESHAWAR, Pakistan: Gunmen from the regional branch of the Daesh group have killed a politician in northwest Pakistan, police and the militants said Friday.
“Jamaat-e-Islami Bajaur leader Sufi Hameed was leaving the mosque after offering prayers after sunset (Thursday) when two masked men on a motorcycle opened fire on him,” senior police official Waqar Rafiq said.
The official said the attackers escaped after shooting the Islamist politician in Bajaur district, near the border with Afghanistan where militants remain active.
Islamic State Khorasan (IS-K) said its “soldiers shot an official of the apostate political party,” in a message on Telegram.
The local chapter of the Daesh group accuses religious political parties of going against strict religious preachings and supporting the country’s government and the military.
IS-K has recently carried out several attacks against political parties, including a suicide bomb blast at a rally in Bajaur last year which killed at least 54 people including 23 children.
“In this year alone, they have killed at least 39 people in targeted attacks and bomb explosions” in Bajaur, a senior local security official said on the condition of anonymity.
In both Khyber Pakhtunkhwa province, where Bajuar is located, and Balochistan province in the southwest, armed Islamist or separatist groups regularly target security forces and state representatives.
Militants operating in Pakistan include Tehreek-e-Taliban Pakistan (TTP), the country’s homegrown Taliban group.
Pakistan has seen a sharp rise in militant attacks in regions bordering Afghanistan since the Taliban returned to power in the country in 2021.


Fire breaks out at a Spanish nursing home, killing at least 10 people

Updated 15 November 2024
Follow

Fire breaks out at a Spanish nursing home, killing at least 10 people

  • Authorities were alerted of the blaze early Friday morning in Villa Franca de Ebro
  • Fire took place just weeks after devastating flash floods in Valencia killed more than 200 people

MADRID: At least 10 people died in a blaze at a nursing home in Zaragoza, Spain, before firefighters managed to extinguish it, local authorities reported on Friday.
Authorities were alerted of the blaze early Friday morning in Villa Franca de Ebro, about 30 minutes from the northeastern city.
The cause of the fire was not yet known, local media reported.
Jorge Azcon, head of the regional government of Aragon, whose capital city is Zaragoza, confirmed the deaths and said on X, formerly Twitter, that all government events in the region were canceled for the day.
Spanish Prime Minister Pedro Sanchez also expressed his shock over the fire and deaths.
The fire took place just weeks after devastating flash floods in Valencia killed more than 200 people and destroyed thousands of homes. The floods were the worst natural disaster in Spain’s recent history.


South Korean opposition leader handed suspended jail term

Updated 15 November 2024
Follow

South Korean opposition leader handed suspended jail term

  • Case concerns statements Lee Jae-myung made on the campaign trail, when he narrowly lost to incumbent President Yoon Suk Yeol in 2022

SEOUL: A South Korean court handed the country’s opposition leader a suspended prison sentence Friday for violating election laws — a ruling that may prevent him from running in the next presidential election.
The Seoul Central District Court found Lee Jae-myung, the leader of the main opposition Democratic Party, guilty and handed him a suspended one-year jail term, a court spokesperson told AFP.
The case concerns statements Lee made on the campaign trail, when he narrowly lost to incumbent President Yoon Suk Yeol in 2022.
Prosecutors had asked for a two-year prison sentence, saying Lee made a false statement in a TV interview in December 2021 that made people think he did not know Kim Moon-ki, a key figure in a controversial development project.
Kim had been found dead days earlier, although police found no evidence of foul play.
Lee was also accused of lying during a parliamentary hearing in 2021 in connection with another controversial development in Seongnam, where he was previously mayor.
The court ruled that the fact Lee made false statements on TV “greatly amplified their impact and reach,” it said in the written verdict.
Supporters wept outside the court after the verdict was announced, and Lee immediately vowed to appeal.
“The verdict is very difficult to accept,” he said.
If it is upheld on appeal, Lee will be stripped of his parliamentary seat and prohibited from running for public office for the next five years — which would include the 2027 presidential election.
Lee is seen as a leading contender in South Korea’s upcoming presidential election, due for early 2027, but the 60-year-old faces a slew of legal cases.
His other trials relate to corruption involving the Seongnam development project, an illegal $8 million cash transfer to North Korea, and pressuring a former mayoral secretary to provide false court testimony in his favor.
A former child factory worker who suffered an industrial accident as a teenage school drop-out, Lee rose to political stardom partly by playing up his rags-to-riches tale.
But his bid for the top office has been overshadowed by a series of scandals. He has also faced scrutiny due to persistent rumors linking him to organized crime.
At least five individuals connected to Lee’s various scandals, including late official Kim, have been found dead, many in what appeared to be suicides.
In January, Lee was stabbed in the neck by an attacker — who said he wanted to prevent him from “becoming president.”
Despite strict legal time limits, Lee’s cases are moving slowly through the courts, and public, acrimonious, drawn-out appeals could cause “considerable chaos in the political landscape,” Shin Yul, professor of political science at Myongji University, said.
“The Democratic Party is set to significantly escalate its attacks on the ruling party,” in a bid to convince the public their leader is not guilty, he said.
“However, it is also probable that the South Korean public will not be entirely supportive of Lee Jae-myung. Once a one-year prison sentence is issued, most people are now likely perceive him as guilty.”