);
//]]>// >By John P. Mello Jr.
Mar 10, 2021 4:00 AM PT
Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in the company s Exchange software last week to attack systems at organizations that have failed to patch the flaws.
To help organizations that haven t deployed Microsoft s security tools, the company released the malware hashes and known malicious file paths which can be used to address the vulnerabilities manually.
Microsoft revealed on March 4 that it had detected multiple zero-day exploits being used to attack on-premise versions of its Exchange Server software. It added that in the attacks observed by the company, the threat actor used the vulnerabilities to access email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments.
Microsoft Confident Exchange Hack Is State-Sponsored Operation | Hacking technewsworld.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from technewsworld.com Daily Mail and Mail on Sunday newspapers.
Mandiant: MS Exchange bugs first exploited in January
Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago
Share this item with your network: By Published: 05 Mar 2021 15:00
Malicious actors were abusing four vulnerabilities disclosed this week in on-premise instances of Microsoft Exchange Server as far back as January 2021, according to a new report produced by FireEye Mandiant researchers Matt Bromiley, Chris DiGiamo, Andrew Thompson and Robert Wallace.
Disclosed earlier this week alongside an out-of-sequence patch, exploitation of the four vulnerabilities, one rated critical and three medium, was linked by Microsoft to a Chinese advanced persistent threat (APT) group known as Hafnium, although there is already bountiful evidence to suggest exploitation of the CVEs goes far beyond one group.