Takeaway: CISA and CGCYBER recommend that all organizations that did not immediately apply available patches assume Log4Shell compromise and initiate threat hunting activities.
The Department of Justice unsealed two indictments charging four defendants, all Russian nationals working for the Russian government, in hacking campaigns.
CISA Details Malware Found on Hacked Exchange Servers (securityweek.com)
The Department of Homeland Security's Cybersecurity & Infrastructure Security Agency (CISA) has provided ongoing updates to its Mitigate Microsoft Exchange Server Vulnerabilities webpage since Microsoft released out-of-band security updates for four Exchange Server flaws on March 2. In the weeks since, attackers have begun to scan for and exploit the bugs in target organizations around the world.
On March 13, CISA updated its guidance to provide seven Malware Analysis Reports (MARs), each of which identifies a China Chopper Web shell associated with vulnerability exploitation in Microsoft Exchange Servers. After an attacker successfully exploits a target server to gain initial access in these intrusions, they typically upload a Web shell to enable remote administration.