Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021-26855) and three other vulnerabilities patched by Microsoft in early March. While the initial attacks were attributed by Microsoft to a threat actor dubbed Hafnium, believed to be a state-sponsored group that operates from China, the same exploits were subsequently used by at least 10 APT groups – mostly for data theft, espionage, and for covert crypto-mining. Security researchers have warned that … More
The post As attacks on Exchange servers escalate, Microsoft investigates potential PoC exploit leak appeared first on Help Net Security.
Source: help net security.com