Microsoft Exchange attack timeline (Source: ESET)
Serious vulnerabilities in Microsoft Exchange have been exploited by at least 10 advanced persistent threat groups that have been collectively been hitting thousands of companies over the last three months, security researchers warn.
Full details of the attacks and groups involved - when known - have been released by researchers at Slovakia-based security firm ESET. They say at least several APT groups also began attacks that exploit the flaws, prior to Jan. 5, which is when Microsoft says it first learned about the vulnerabilities. This suggests that multiple threat actors gained access to the details of the vulnerabilities before the release of the patch, which means we can discard the possibility that they built an exploit by reverse-engineering Microsoft updates, ESET researchers say.