Security News > 2020 > October > Microsoft Exchange, Outlook Under Siege By APTs
New, sophisticated adversaries are switching up their tactics in exploiting enterprise-friendly platforms - most notably Microsoft Exchange, Outlook Web Access and Outlook on the Web - in order to steal business credentials and other sensitive data.
APTs Flock Exchange, OWA. One advanced persistent threat group that has been targeting Exchange and OWA is what researchers dub "BELUGASTURGEON".
This file exploits the CVE- 2017-11774 Outlook vulnerability, a security-feature bypass vulnerability that affects Microsoft Outlook and enables attackers to execute arbitrary commands, researchers said.
Cybercriminals are also targeting services that support Exchange and OWA. For instance, client-access servers, which handle all client connections to Exchange Server 2010 and Exchange 2013, typically operate in web-login portals for services including OWA. Attackers with access to CAS may be able to deploy capabilities to steal user login credentials, researchers said.
Beyond malware, Microsoft is top of the heap when it comes to hacker impersonations - with Microsoft products and services featuring in nearly a fifth of all global brand phishing attacks in the third quarter of this year, according to Check Point researchers.
News URL
https://threatpost.com/microsoft-exchange-outlook-apts/160273/
Related news
- Microsoft Outlook workaround fixes freezes when copying text (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (source)
- Microsoft re-releases Exchange updates after fixing mail delivery (source)