Microsoft Exchange Exploits Pave a Ransomware Path
#1
Information 
Quote:Cybercriminals are now using compromised Microsoft Exchange servers as a foothold to deploy a new ransomware family called DearCry, Microsoft has warned.
 
The ransomware is the latest threat to beleaguer vulnerable Exchange servers, emerging shortly after Microsoft issued emergency patches in early March for four Microsoft Exchange flaws. The flaws can be chained together to create a pre-authentication remote code execution (RCE) exploit – meaning that attackers can take over servers without knowing any valid account credentials.
 
The flaws give attackers the opportunity to install a webshell for further exploitation within the environment — and now, researchers say attackers are downloading the new ransomware strain (a.k.a. Ransom:Win32/DoejoCrypt.A) as part of their post-exploitation activity on unpatched servers.
 
“We have detected and are now blocking a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers,” Microsoft said on Twitter, Thursday.

Read more: Microsoft Exchange Exploits Pave a Ransomware Path | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes
26.7.3 New notes ...Kool — 03:49
Mozilla Firefox Browser 152.0.5
Mozilla Firefox Br...harlan4096 — 10:11
HWiNFO v8.48
HWiNFO v8.48 R...harlan4096 — 10:10
AdGuard for Mac 2.19
AdGuard for Mac 2....harlan4096 — 10:08
AnyViewer 5.8.0 for Windows
AnyViewer 5.8.0 fo...harlan4096 — 10:05

[-]
Birthdays
Today's Birthdays
avatar (48)ConradRoand
Upcoming Birthdays
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (40)ywixazok
avatar (38)ixoqe
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>