As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak

apt attack Don't miss enterprise ESET Exploit Featured news Incident Response Microsoft Microsoft Exchange News PoC Ransomware remediation security update SMB

Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early March. While the initial attacks were attributed by Microsoft to a threat actor dubbed Hafnium, believed to be a state-sponsored group that operates from China, the same exploits were subsequently used by at least 10 APT groups – mostly for data theft, espionage, and for covert crypto-mining. Security researchers have warned that … More

The post As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak appeared first on Help Net Security.

Source: help net security.com