Security News > 2021 > March > More hacking groups join Microsoft Exchange attack frenzy
More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon.
Exchange servers attacked by multiple hacking groups.
ESET has now published a new report saying that unpatched Exchange servers are currently hunted down by "At least 10 APT groups."
Detailed info on the servers compromised by these hacking groups and the threat actors behind the not yet attributed malicious activity, including indicators of compromise, can be found in ESET's report.
Exchange servers worldwide, the Dutch Institute for Vulnerability Disclosure reported Tuesday that it found 46,000 servers unpatched against the heavily exploited ProxyLogon vulnerabilities.
Redmond has also updated the Microsoft Safety Scanner tool to help customers detect web shells deployed in the ongoing Exchange Server attacks.
News URL
Related news
- Microsoft fixes 6 zero-days under active attack (source)
- Microsoft: Exchange Online mistakenly tags emails as malware (source)
- U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)