New Lemon Duck variants exploiting Microsoft Exchange Server

Credit to Author: rajeshnataraj| Date: Fri, 07 May 2021 12:30:35 +0000

In March, Microsoft published a set of critical fixes to Exchange Server following the discovery of  ProxyLogon–an exploit that was stolen or leaked from researchers within hours of its disclosure to Microsoft. The exploit is now widely available to cybercriminals, and unpatched and vulnerable Microsoft Exchange Servers continue to attract many threat actors to install cryptocurrency-miners, [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/f5mbGzsxNSo” height=”1″ width=”1″ alt=””/>

Read more

Ransomware disrupts food supply chain, Exchange exploitation suspected

Credit to Author: Malwarebytes Labs| Date: Wed, 14 Apr 2021 11:54:05 +0000

The disruption of food logistics company shows how the target isn’t the only victim of a successful ransomware attack.

Categories: AwarenessRansomware

Tags:

(Read more…)

The post Ransomware disrupts food supply chain, Exchange exploitation suspected appeared first on Malwarebytes Labs.

Read more

Black Kingdom ransomware begins appearing on Exchange servers

Credit to Author: Mark Loman| Date: Tue, 23 Mar 2021 22:08:10 +0000

A novel, if not particularly well made, ransomware is spreading to Exchange servers that haven’t been patched against the ProxyLogon exploit<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/ssVNHdak6Bk” height=”1″ width=”1″ alt=””/>

Read more

MTR in Real-Time: Exchange ProxyLogon Edition

Credit to Author: Michael Heller| Date: Wed, 17 Mar 2021 16:32:29 +0000

The recently reported collection of Microsoft Exchange Server zero-day vulnerabilities has rocked the infosec world, impacting tens of thousands of organizations around the world, with some estimates exceeding 100,000 and growing by the day. The exploitations seen in the wild were first attributed to a nation state actor dubbed Hafnium, but the vulnerabilities and attacks [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/GdZsNVuZwSw” height=”1″ width=”1″ alt=””/>

Read more

ProxyLogon PoCs trigger a game of whack-a-mole

Credit to Author: Pieter Arntz| Date: Tue, 16 Mar 2021 18:15:04 +0000

Microsoft and others are trying to keep working ProxyLogon PoCs out of the hands of cybercriminals and script-kiddies.

Categories: Exploits and vulnerabilities

Tags:

(Read more…)

The post ProxyLogon PoCs trigger a game of whack-a-mole appeared first on Malwarebytes Labs.

Read more