Earlier this month, Microsoft announced plans for a new Azure Region to North China in 2022 through its local operating partner, 21Vianet.
This expansion is expected to effectively double the capacity of Microsoft’s intelligent cloud portfolio in China in the coming years, which includes Azure, Microsoft Office 365, Dynamics 365, and Power Platform operated by 21Vianet.
21Vianet has served as Microsoft Azure’s local partner in China since 2014.
“This unveils a big opportunity. Microsoft Cloud operated by 21Vianet was the first international public cloud compliantly launched in China through a local operating partner. Our intelligent, trustworthy, and neutral cloud platform has been empowering hundreds of thousands of developers, partners, and customers from both China and the world to achieve more with technical innovation and business transformation. The upcoming region will reinforce the capabilities to help further nurture local talents, stimulate local innovation, grow local technology ecosystems, and empower businesses in a wide range of industries to achieve more,” states Alain Crozier, Chairman and Chief Executive Officer of Microsoft Greater China Region (GCR).
https://azure.microsoft.com/en-us/blog/new-azure-region-coming-to-china-in-2022/
Microsoft Exchange hit by state-sponsored hackers from China
Microsoft warned enterprises using its on-premises Exchange Server platforms of multiple 0-day exploits being used in limited and targeted attacks. The exploit does not affect Microsoft 365 or Azure Cloud deployments.
Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures. HAFNIUM, which primarily targets entities in the United States across a number of industry sectors, exfiltrates data to file sharing sites like MEGA. The group is believed to use leased virtual private servers (VPS) in the United States to launch their attacks
In the attacks observed, HAFNIUM used the newly discovered vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments.
According to media reports, the attack potentially compromised up to 30,000 organizations.
Microsoft has released out-of-band security updates to address four vulnerabilities in Exchange Server. In addition, Microsoft has released alternative mitigation techniques for Exchange Server customers who are not able to immediately apply updates that address vulnerabilities.
Separately, the U.S. Cybersecurity and Infrastructure Security Agency issued a directive requiring federal civilian departments and agencies running Microsoft Exchange on-premises products to update or disconnect the products from their networks.
In addition, the European Banking Authority confirmed that it was compromised by the attack, and that as a precautionary measure, the EBA has decided to take its email systems offline.
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
