Threat Actors Have Hacked Microsoft Exchange Servers

Share post:

Threat actors are hacking Microsoft Exchange servers. This is made possible by the use of ProxyShell and ProxyLogon exploits. This is used to spread malware and bypass detection by using stolen internal response chain e-mails.

TrendMicro researchers reveal how attackers distribute malicious emails through the compromised Microsoft Exchange server of the victim to the internal users of an organization.

The researchers explained that the attackers exploit Microsoft Exchange servers to then reply to in-house emails in response chain attacks that contain links embedded with malware documents.

This tactic is considered to be very effective as it comes from the same internal network, which indicates that it is very secure.

Once the link is clicked, malicious macros are executed to download and install the malware included in the attachment.

For more information, read the original story in Bleeping Computer.

SUBSCRIBE NOW

Related articles

Hertz Data Breach Exposes Customer Information via Supply Chain Hack

Hertz has disclosed a data breach resulting from a cyberattack on its vendor, Cleo Communications, which compromised sensitive...

Google’s New Security Feature – Automatic Reboot

Google is introducing a new security feature in its latest Android update that will automatically reboot phones and...

Cybersecurity Firm Prodaft Buys Hacker Forum Accounts to Monitor Cybercriminal Activity

Swiss cybersecurity company Prodaft has initiated a program to purchase verified and aged accounts on hacking forums, aiming...

Operation Endgame: Burnaby, BC Resident Arrested As Cops Go After Individual Hackers

As part of Operation Endgame, international law enforcement agencies have arrested a Burnaby, British Columbia resident accused of...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways