Microsoft has recently claimed that cyber attack capabilities china It has increased thanks to a new law in the country that has allowed Beijing to launch and store a large portion of unreported and hidden computer vulnerabilities. In this regard, China’s 2021 law requires companies to first report security vulnerabilities to local authorities before releasing them publicly or sending them to other entities.
In this regard, using these laws, China can conduct local investigations to covertly and maliciously use these vulnerabilities. In this regard, one year after the implementation of this law, the researchers of the Atlantic Council found that the reported vulnerabilities in China have decreased in the past year, and in this regard, anonymous reports have experienced a significant increase in this regard.
A recent Microsoft Digital Defense report released last Friday also confirms that the new law may enable the Chinese government to exploit these vulnerabilities before they become public. In this regard, Microsoft has acknowledged that the increase in the use of unknown Zero-Day vulnerabilities by the Chinese last year indicates the new effects of this law in China and the possible use of the government of that country to exploit these unknown vulnerabilities.
The software giant described Chinese government-sponsored cyber threat actors as adept at developing methods to exploit zero-day vulnerabilities.
In this regard, Microsoft has made available several important and problematic vulnerabilities that have been used by malicious Chinese hackers for the first time, some of which include CVE-2021-35211 SolarWinds Serv-U, CVE-2021-42321 Microsoft Exchange and CVE-2021-40539 Zoho. According to Microsoft, Chinese hackers have increased cyber espionage and data theft attacks to counter US efforts to increase influence in Southeast Asia.
- Information disclosure of 65 thousand Microsoft customers due to misconfiguration of the server
- Drop feature of Microsoft Edge browser makes it possible to transfer files between computer and phone
- For the first time since 2018, Microsoft has published the financial statistics of the very successful GitHub