"According to a statement issued by the company, an investigation conducted with the assistance of CrowdStrike showed that the hackers exploited an unspecified zero-day vulnerability to gain access to a "small number" of attorneys' email accounts. The probe showed that the attack was likely the work of a state-sponsored hacker group known to have recently targeted law firms and other companies."
"While the company's statement does not mention China, The New York Times learned that Chinese hackers targeted Williams & Connolly, along with other law firms. The publication also learned that Williams & Connolly has been telling clients that the hackers are unlikely to sell or publish the information they obtained. It's unclear if they are related, but Google's Threat Intelligence Group and Mandiant reported recently that China-linked cyberespionage groups have targeted the legal services sector, including through the exploitation of zero-day vulnerabilities."
State-sponsored hackers exploited an unspecified zero-day vulnerability to access a small number of Williams & Connolly attorneys' email accounts, based on an investigation assisted by CrowdStrike. The firm represents prominent political figures and major corporations. The probe found the attack likely originated from a state-sponsored group that has recently targeted law firms and other companies. Williams & Connolly reported no evidence that confidential client data was stolen or that other IT systems were compromised. Separate intelligence indicates China-linked groups have targeted the legal sector, often maintaining prolonged access, and some campaigns have impersonated U.S. figures to deliver malware.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]