AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Race into space windows cheat4/2/2023 Security researchers warned that APT groups are scanning internet-facing Exchange servers, compromising those that are unpatched now and deciding later which servers warrant post-compromise activity.Ĭybersecurity firm Check Point said it has seen “hundreds of exploit attempts” against organisations worldwide. This increases the likelihood that many organisations were compromised in January and February 2021, with the earliest in the wild exploitation detected on 3 January by cybersecurity firm Volexity.ĮSET telemetry data shows dramatic spikes in exploitations after Microsoft published its patches, which suggests that in publicising the fix the tech giant has unwittingly put the vulnerability high on the radar for APT groups. According to ESET these cybercriminal groups include LuckyMouse, Calypso and the Winnti Group.ĮSET said its data suggests “multiple threat actors gained access to the details of the vulnerabilities before the release of the patch”. The Exchange vulnerabilities have already been jumped on by advanced persistent threat (APT) groups. However, patching does not protect companies that have already been compromised and users have been advised to run scans checking for suspicious network activity. Microsoft has urged organisations running their own Exchange to implement security patches. “It could take several months or even years for a true tally of the damage to come to light,” said Matt Lock, technical director at cybersecurity company Varonis. The true scale of the damage is likely to be much larger than currently reported. However, early reports suggest the total number of organisations affected tops 100,000 globally, surpassing the scale of the recent SolarWinds hack. Initially, Microsoft said the Exchange hack had only affected a “limited” number of customers. Known victims include the European Banking Authority and the Norwegian Parliament. Slovakian internet security company ESET said it detected web shells on more than 5,000 email servers globally as of Thursday.
0 Comments
Read More
Leave a Reply. |