Security News > 2021 > March > More hacking groups join Microsoft Exchange attack frenzy
More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon.
Exchange servers attacked by multiple hacking groups.
ESET has now published a new report saying that unpatched Exchange servers are currently hunted down by "At least 10 APT groups."
Detailed info on the servers compromised by these hacking groups and the threat actors behind the not yet attributed malicious activity, including indicators of compromise, can be found in ESET's report.
Exchange servers worldwide, the Dutch Institute for Vulnerability Disclosure reported Tuesday that it found 46,000 servers unpatched against the heavily exploited ProxyLogon vulnerabilities.
Redmond has also updated the Microsoft Safety Scanner tool to help customers detect web shells deployed in the ongoing Exchange Server attacks.
News URL
Related news
- Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation (source)
- Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
- Microsoft: Exchange 2016 and 2019 reach end of support in October (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)