Nation-state hackers breached the networks of two US municipalities last year, the FBI said in a security alert sent to private industry partners last week. An anonymous reader writes: The hacks took place after attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach the two municipalities’ networks. The FBI says that once attackers got a foothold on these networks, “malicious activities included exfiltration of user information, escalation of administrative privileges, and the dropping of webshells for remote/backdoor persistent access.” “Due to the sophistication of the compromise and Tactics, Techniques, and Procedures (TTPs) utilized, the FBI believes unidentified nation-state actors are involved in the compromise,” the agency said in its security alert. The FBI could not say if both intrusions were carried out by the same group. The agency also did not name the two hacked municipalities; however, it reported the two breaches in greater detail, listing the attackers’ steps in each incident.
of this story at Slashdot.
Source:: Slashdot