government agencies as well as political and military institutions in the u.s. were targeted by a group of hackers nicknamed “Strontium”.
hackers have taken advantage of a vulnerability in Windows to attack targets u.s. policies, announced Microsoft on Tuesday. Among the authorities involved, government agencies as well as political and military institutions have been targeted by an extensive campaign of phishing attacks, writes Terry Myerson, corporate vice president of Microsoft support including Windows, on a official blog of the group. This process consists of sending personalized letters, giving the illusion that they come from an official body to inspire the confidence of recipients, and allow for the recovery of confidential information.
This technique has been combined with the exploitation of security flaws in Windows as well as in Flash, an Adobe software. Terry Myerson provides, however, that the users using the browser Edge and the latest version of Windows 10 should be spared from such an attack. The group of hackers accused had intended to install backdoors on computers in order to then be able to enter at any time. It is known as the “Strontium” by Microsoft, code name to qualify APT28 or ” Fancy Bear, a Russian group believed to have hacked into the servers of the democratic party in full presidential campaign.
Against the advice of Microsoft, researchers at Google who had made these vulnerabilities public on Monday, describing them as “particularly serious” and stating that they are “actively exploited”.
The approach of Google was considered disappointing by Microsoft, who regrets that his rival did not wait for the problem to be solved. Interviewed by Venture Beat, a spokesperson of Microsoft points out that Google’s announcement, made prior to the provision of patches, fact “run an increased risk to consumers”. The patches in question, installed to be protected against faults of this type, are currently in the testing phase and should be the subject of an update to the November 8, ” says Microsoft on 2 November.
Google has indicated that they have awarded seven days to Microsoft from the 21 October to deal with the problem before making it public.
No comments:
Post a Comment