Security News > 2021 > March > Podcast: Microsoft Exchange Server Attack Onslaught Continues

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week.
Weeks after the disclosure around the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed.
Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that last week researchers with FortiGuard Labs saw activity double over two days for cybercriminals targeting the vulnerabilities.
The attackers are using the flaws to deploy cryptominers, ransomware and other malicious campaigns, he said.
Manky also warns security teams against having "Tunnel vision" for the Microsoft Exchange attacks: "There's a lot more happening here beyond Microsoft Exchange attacks," he said.
In this week's Threatpost podcast, Manky talks about how security defenders can disrupt cybercriminals - from the attackers targeting Microsoft Exchange attacks to ones looking to target insecure IoT devices.
News URL
https://threatpost.com/podcast-microsoft-exchange-server-attack-onslaught-continues/164968/
Related news
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- New OpenSSH flaws expose SSH servers to MiTM and DoS attacks (source)
- Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- Over 37,000 VMware ESXi servers vulnerable to ongoing attacks (source)
- Microsoft Exchange Online outage affects Outlook web users (source)