Security News > 2020 > October > Microsoft Exchange, Outlook Under Siege By APTs
New, sophisticated adversaries are switching up their tactics in exploiting enterprise-friendly platforms - most notably Microsoft Exchange, Outlook Web Access and Outlook on the Web - in order to steal business credentials and other sensitive data.
APTs Flock Exchange, OWA. One advanced persistent threat group that has been targeting Exchange and OWA is what researchers dub "BELUGASTURGEON".
This file exploits the CVE- 2017-11774 Outlook vulnerability, a security-feature bypass vulnerability that affects Microsoft Outlook and enables attackers to execute arbitrary commands, researchers said.
Cybercriminals are also targeting services that support Exchange and OWA. For instance, client-access servers, which handle all client connections to Exchange Server 2010 and Exchange 2013, typically operate in web-login portals for services including OWA. Attackers with access to CAS may be able to deploy capabilities to steal user login credentials, researchers said.
Beyond malware, Microsoft is top of the heap when it comes to hacker impersonations - with Microsoft products and services featuring in nearly a fifth of all global brand phishing attacks in the third quarter of this year, according to Check Point researchers.
News URL
https://threatpost.com/microsoft-exchange-outlook-apts/160273/
Related news
- Microsoft shares Outlook workaround for Gmail sign-in issues (source)
- Microsoft shares temp fix for Outlook, Word crashes when typing (source)
- Microsoft shares workaround for Outlook crashing after opening (source)
- Microsoft: Exchange Online mistakenly tags emails as malware (source)
- Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) (source)
- Microsoft fixes Outlook email sending issue for users with many folders (source)