Researchers from two security outfits have observed malware campaigns abusing Microsoft’s OneNote application since the software giant began blocking macros by default last year.
minute read
Share this article:
Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.
Cryptojacking can be added to the list of threats that face any unpatched Exchange servers that remain vulnerable to the now-infamous ProxyLogon exploit, new research has found.
Researchers discovered the threat actors using Exchange servers compromised using the highly publicized exploit chain which suffered a barrage of attacks from advanced persistent threat (APT) groups to infect systems with everything from ransomware to webshells to host Monero cryptomining malware, according to a report posted online this week by SophosLabs.