> TritonInfoSec News
Home / May 14, 2026 / Story
0
#10 The Hacker News general May 13, 2026 at 13:00 UTC

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

By [email protected] (The Hacker News)

AI Summary

Bitdefender attributed a multi-wave intrusion against an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026 to FamousSparrow (aka UAT-9244), a China-linked APT group, via repeated exploitation of Microsoft Exchange. The campaign represents an expansion of FamousSparrow's targeting beyond its traditionally observed sectors of hospitality, telecom, and government into critical energy infrastructure in the South Caucasus. Exchange exploitation remains a primary initial access vector for Chinese APT groups, and energy sector defenders in the region should audit Exchange server exposure and patch status immediately.

Read full article → https://thehackernews.com/2026/05/azerbaijani-ener…

Relevance score: 74.0/100

# More from May 14

  1. 1
    Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws The Hacker News
  2. 2
    Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises SecurityWeek
  3. 3
    Windows BitLocker zero-day gives access to protected drives, PoC released BleepingComputer
  4. 4
    New critical Exim mailer flaw allows remote code execution BleepingComputer
  5. 5
    Hundreds of Malicious Packages Force RubyGems to Suspend Registrations SecurityWeek
  6. 6
    Instructure pays ransom after Canvas incident as Congress announces investigation The Record
  7. 7
    Foxconn confirms cyberattack claimed by Nitrogen ransomware gang BleepingComputer
  8. 8
    Android Adds Intrusion Logging for Sophisticated Spyware Forensics The Hacker News
  9. 9
    Fortinet, Ivanti Patch Critical Vulnerabilities SecurityWeek