Security News > 2021 > March > More hacking groups join Microsoft Exchange attack frenzy

More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon.
Exchange servers attacked by multiple hacking groups.
ESET has now published a new report saying that unpatched Exchange servers are currently hunted down by "At least 10 APT groups."
Detailed info on the servers compromised by these hacking groups and the threat actors behind the not yet attributed malicious activity, including indicators of compromise, can be found in ESET's report.
Exchange servers worldwide, the Dutch Institute for Vulnerability Disclosure reported Tuesday that it found 46,000 servers unpatched against the heavily exploited ProxyLogon vulnerabilities.
Redmond has also updated the Microsoft Safety Scanner tool to help customers detect web shells deployed in the ongoing Exchange Server attacks.
News URL
Related news
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- Microsoft investigates global Exchange Admin Center outage (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)
- Microsoft: Exchange 2016 and 2019 reach end of support in six months (source)