As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak

Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March.
Human-operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers.
The source of the Microsoft Exchange exploit is still unknown.
Microsoft is reportedly investigating whether those who created the exploit might have obtained "proof of concept" attack code that the company distributed on February 23 to 80 or so security partners through its Microsoft Active Protections Program.
The Microsoft Security Team says that on-premises Exchange servers are most often used by small and medium-sized businesses, "although larger organizations with on-premises Exchange servers have also been affected."
Microsoft has released the Exchange On-Premises Mitigation Tool, which quickly performs the initial steps for mitigating the ProxyLogon flaw on any Exchange server and attempts to remediate found compromises.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/tLAkZ4lHpTk/