Podcast: Microsoft Exchange Server Attack Onslaught Continues
March 2021
Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week.
Weeks after the disclosure around the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed.
Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that last week researchers with FortiGuard Labs saw activity from cybercriminals targeting the vulnerabilities double over two days.
The attackers are using the flaws to deploy cryptominers, ransomware and other malicious campaigns, he said.
Manky also warns security teams against having "tunnel vision" for the Microsoft Exchange attacks: "There's a lot more happening here beyond Microsoft Exchange attacks," he said.
In this week's Threatpost podcast, Manky talks about how security defenders can disrupt cybercriminals - from the attackers targeting Microsoft Exchange servers to ones looking to target insecure IoT devices.
News URL
https://threatpost.com/podcast-microsoft-exchange-server-attack-onslaught-continues/164968/