Security News > 2021 > March > More hacking groups join Microsoft Exchange attack frenzy
More state-sponsored hacking groups have joined the ongoing attacks targeting tens of thousands of on-premises Exchange servers impacted by severe vulnerabilities tracked as ProxyLogon.
Exchange servers attacked by multiple hacking groups.
ESET has now published a new report saying that unpatched Exchange servers are currently hunted down by "At least 10 APT groups."
Detailed info on the servers compromised by these hacking groups and the threat actors behind the not yet attributed malicious activity, including indicators of compromise, can be found in ESET's report.
Exchange servers worldwide, the Dutch Institute for Vulnerability Disclosure reported Tuesday that it found 46,000 servers unpatched against the heavily exploited ProxyLogon vulnerabilities.
Redmond has also updated the Microsoft Safety Scanner tool to help customers detect web shells deployed in the ongoing Exchange Server attacks.
News URL
Related news
- Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)