Security News > 2021 > March > Podcast: Microsoft Exchange Server Attack Onslaught Continues

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week.
Weeks after the disclosure around the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed.
Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that last week researchers with FortiGuard Labs saw activity double over two days for cybercriminals targeting the vulnerabilities.
The attackers are using the flaws to deploy cryptominers, ransomware and other malicious campaigns, he said.
Manky also warns security teams against having "Tunnel vision" for the Microsoft Exchange attacks: "There's a lot more happening here beyond Microsoft Exchange attacks," he said.
In this week's Threatpost podcast, Manky talks about how security defenders can disrupt cybercriminals - from the attackers targeting Microsoft Exchange attacks to ones looking to target insecure IoT devices.
News URL
https://threatpost.com/podcast-microsoft-exchange-server-attack-onslaught-continues/164968/
Related news
- Over 37,000 VMware ESXi servers vulnerable to ongoing attacks (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- Hijacked Microsoft web domain injects spam into SharePoint servers (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft investigates global Exchange Admin Center outage (source)
- Microsoft Defender will isolate undiscovered endpoints to block attacks (source)
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)