Washington: US and UK cybersecurity agencies accused Russia’s foreign intelligence service SVR of exploiting recently discovered flaws in Microsoft’s mailing software.
“The group has… been observed making use of numerous vulnerabilities, most recently the widely reported Microsoft Exchange vulnerability,” the US Cybersecurity and Infrastructure Security Agency and British National Cyber Security Center said in a joint advisory.
Loopholes in the popular mail and calendaring software allowed malign actors to steal emails from servers around the world. Experts estimated that at least ten different hacking groups attempted to take advantage of the flaws before they were fixed by the developer.
Last month, the US government accused Russia’s intelligence agency SVR of orchestrating the SolarWinds hacking attack – a cyberespionage campaign that exploited vulnerabilities of commercial patches and updates to target 16,000 computer systems worldwide, mostly in America. Russia has rejected all allegations as baseless.