Security News
Roughly 80,000 Exchange servers have yet to receive patches for the actively exploited vulnerabilities, Microsoft says. Over the course of last week, Microsoft released additional fixes for these vulnerabilities, including security updates for older and unsupported Exchange Server versions, or Cumulative Updates, as the company calls them.
Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March. A. Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers.
Intelligence agencies and cybersecurity researchers had been warning that unpatched Exchange Servers could open the pathway for ransomware infections in the wake of swift escalation of the attacks since last week. According to the latest reports, cybercriminals are leveraging the heavily exploited ProxyLogon Exchange Server flaws to install a new strain of ransomware called "DearCry."
One overriding concern has been when will ransomware actors use the vulnerabilities to compromise and encrypt mail servers. Last night our fears became a reality after ID-Ransomware creator Michael Gillespie revealed that the new DearCry Ransomware targeted Microsoft Exchange servers.
Threat actors are now installing a new ransomware called 'DEARCRY' after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities. Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to deploy ransomware.
Threat actors are now installing a new ransomware called 'DEARCRY' after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities. Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to deploy ransomware.
Recently patched Microsoft Exchange vulnerabilities are under fire from at least 10 different advanced persistent threat groups, all bent on compromising email servers around the world. Microsoft said in early March that it had spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server.
Commentary: Enterprises try their best to secure their data, but running on-premises mail servers arguably doesn't do this. We can have a debate about how soon enterprises should embrace cloud.
A week after Microsoft warned that four zero-day flaws and three others in its Exchange Server were being actively exploited and issued out-of-band remediation, the cloudy Windows biz has delivered software fixes to address 82 other vulnerabilities as part of its monthly Patch Tuesday ritual. Microsoft says two of these vulnerabilities are publicly known and five are under active exploitation.
A cryptomining botnet spotted last year is now targeting and attempting to take control of Jenkins and ElasticSearch servers to mine for Monero cryptocurrency. Z0Miner is a cryptomining malware strain spotted in November by the Tencent Security Team, who saw it infecting thousands of servers by exploiting a Weblogic security vulnerability.