Total Tests:

Exchange Server vulnerabilities being exploited with ransomware, says Microsoft

By Howard Solomon for IT World Canada
Friday, March 12, 2021

Some cyber gangs gather terabytes of open-source intelligence about internet software. Once a zero-day vulnerability appears, they sell compiled lists of IP addresses or URLs known to run the vulnerable software to other gangs, according to Ilya Kolochenko, founder and chief architect of ImmuniWeb SA. “This bolsters both the speed and efficiency of the exploitation. Combined with ransomware, such hacking campaigns bring huge and easy profits to perpetrators.

“However, today, I don’t see any special risks in the continuous exploitation of Microsoft Exchange flaws. First, some of the zero-days require special exploitation conditions, such as a user account or an accessible web interface for the SSRF RCE (server-side request forgery remote code execution),” Kolochenko explained. “Thus, breached organizations likely failed to implement some security hardening or IDR processes. Moreover, organizations who are still unpatched are likely grossly negligent and probably have been already compromised before by a myriad of other vulnerabilities and attack vectors.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential