Security News > 2021 > March > Podcast: Microsoft Exchange Server Attack Onslaught Continues
Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week.
Weeks after the disclosure around the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed.
Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that last week researchers with FortiGuard Labs saw activity double over two days for cybercriminals targeting the vulnerabilities.
The attackers are using the flaws to deploy cryptominers, ransomware and other malicious campaigns, he said.
Manky also warns security teams against having "Tunnel vision" for the Microsoft Exchange attacks: "There's a lot more happening here beyond Microsoft Exchange attacks," he said.
In this week's Threatpost podcast, Manky talks about how security defenders can disrupt cybercriminals - from the attackers targeting Microsoft Exchange attacks to ones looking to target insecure IoT devices.
News URL
https://threatpost.com/podcast-microsoft-exchange-server-attack-onslaught-continues/164968/
Related news
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- Microsoft issues 117 patches – some for flaws already under attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)