Security News

Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits
2021-03-12 00:39

Threat actors are now installing a new ransomware called 'DEARCRY' after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities. Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to deploy ransomware.

New DEARCRY Ransomware is targeting Microsoft Exchange Servers
2021-03-12 00:39

Threat actors are now installing a new ransomware called 'DEARCRY' after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities. Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to deploy ransomware.

Microsoft Exchange Servers Face APT Attack Tsunami
2021-03-11 18:01

Recently patched Microsoft Exchange vulnerabilities are under fire from at least 10 different advanced persistent threat groups, all bent on compromising email servers around the world. Microsoft said in early March that it had spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server.

Microsoft Exchange hack: Why so many enterprises still run their own Exchange servers
2021-03-11 02:18

Commentary: Enterprises try their best to secure their data, but running on-premises mail servers arguably doesn't do this. We can have a debate about how soon enterprises should embrace cloud.

Beware the IDEs of March: Microsoft's latest monthly fixes land after frantic Exchange Server updates
2021-03-09 22:09

A week after Microsoft warned that four zero-day flaws and three others in its Exchange Server were being actively exploited and issued out-of-band remediation, the cloudy Windows biz has delivered software fixes to address 82 other vulnerabilities as part of its monthly Patch Tuesday ritual. Microsoft says two of these vulnerabilities are publicly known and five are under active exploitation.

z0Miner botnet hunts for unpatched ElasticSearch, Jenkins servers
2021-03-09 15:37

A cryptomining botnet spotted last year is now targeting and attempting to take control of Jenkins and ElasticSearch servers to mine for Monero cryptocurrency. Z0Miner is a cryptomining malware strain spotted in November by the Tencent Security Team, who saw it infecting thousands of servers by exploiting a Weblogic security vulnerability.

Microsoft releases ProxyLogon updates for unsupported Exchange Servers
2021-03-09 13:01

Microsoft has released security updates for Microsoft Exchange servers running unsupported Cumulative Update versions vulnerable to ProxyLogon attacks. These additional security updates are meant to be installed only on machines running Exchange Server versions not supported by the original Match 2021 security patches released a week ago, only if the admin can't find an update path to a supported version.

Microsoft Server Hack Has Victims Hustling to Stop Intruders
2021-03-09 04:14

Victims of a massive global hack of Microsoft email server software - estimated in the tens of thousands by cybersecurity responders - hustled Monday to shore up infected systems and try to diminish chances that intruders might steal data or hobble their networks. While the hack doesn't pose the kind of national security threat as the more sophisticated SolarWinds campaign, which the Biden administration blames on Russian intelligence officers, it can be an existential threat for victims who didn't install the patch in time and now have hackers lingering in their systems.

European Banking Authority discloses Exchange server hack
2021-03-08 16:05

The European Banking Authority took down all email systems after their Microsoft Exchange Servers were hacked as part of the ongoing attacks targeting organizations worldwide. Last week, Microsoft patched multiple zero-day vulnerabilities affecting on-premises versions of Microsoft Exchange Server and exploited in ongoing attacks coordinated by multiple state-sponsored hacking groups.

US National Security Council urges review of Exchange Servers in wake of Hafnium attack
2021-03-08 04:58

The Biden administration has urged users of Microsoft's Exchange mail and messaging server to ensure they have not fallen victim to the recently-detected "Hafnium" attack on Exchange Server that Microsoft says originated in China. Microsoft revealed the attack last week and released Exchange security updates.