Security News

Another ransomware operation known as 'Black Kingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ransomware.

Another ransomware operation known as 'Black Kingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ransomware.

DDoS-for-hire services are now actively abusing misconfigured or out-of-date Datagram Transport Layer Security servers to amplify Distributed Denial of Service attacks. According to reports that surfaced in December, a DDOS attack used DTLS to amplify traffic from vulnerable Citrix ADC devices that used DTLS configurations without a 'HelloClientVerify' anti-spoofing mechanism designed to block such abuse.

Ongoing Office 365-themed phishing campaign targets executives, assistants, financial departmentsA sophisticated and highly targeted Microsoft Office 365 phishing campaign is being aimed at C-suite executives, executive assistants and financial departments across numerous industries. As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leakMicrosoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March.

Stellar launched the latest version of its flagship mailbox database repair software for Microsoft Exchange Server. Stellar Repair for Exchange v10 is now available globally and introduces a slew of new & enhanced features to expedite mailbox recovery from corrupted and dismounted Exchange databases in vast scenarios.

DTEX Systems announced that it has broadened the reach of its Workforce Cyber Security Platform, DTEX InTERCEPT, with enhanced capabilities to monitor and secure server infrastructures. "If the Tesla, General Electric, Microsoft Exchange and Verkada attacks have taught us anything, it is that we need to rethink server visibility, detection and protection," said Mohan Koo, Co-founder and CTO, DTEX Systems.

Email security biz Mimecast has dumped SolarWinds' network monitoring tool in favour of Cisco's Netflow product after falling victim to the infamous December supply chain attack. In an incident report detailing its experiences of the SolarWinds compromise, Mimecast said it had "Decommissioned SolarWinds Orion and replaced it with an alternative NetFlow monitoring system".

ASUS announced the introduction of a comprehensive server portfolio based on the latest AMD EPYC 7003 series processors. The new ASUS RS720A, RS700A, RS520A and RS500A-E11 series servers offer refreshed designs based on both dual-socket and single-socket AMD EPYC 7003 series processors.

Roughly 80,000 Exchange servers have yet to receive patches for the actively exploited vulnerabilities, Microsoft says. Over the course of last week, Microsoft released additional fixes for these vulnerabilities, including security updates for older and unsupported Exchange Server versions, or Cumulative Updates, as the company calls them.

Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March. A. Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers.