![]() CVE-2021-26855, a server-side request forgery (SSRF) vulnerability.CVE-2021-26857, a Unified Messaging service insecure deserialization vulnerability.HAFNIUM used the following vulnerabilities to gain access to Exchange servers, according to Microsoft. What are the Microsoft Exchange Server vulnerabilities hackers are exploiting? Microsoft credits both Volexity and Dubex for sounding the alarm on the attacks and aiding with the investigation. The security firm Volexity first identified suspicious activity on some of their clients’ Exchange servers in January 2021. However, in a more recent post, the supplier noted that criminal groups other than HAFNIUM had begun taking advantage of the server vulnerabilities to launch their own cyberattacks, including onslaughts of ransomware. Microsoft attributed the initial attacks to HAFNIUM, a state-sponsored group based in China, according to a blog post published March 2. Who’s responsible for the cyberattacks on Exchange servers and when did they start? If your company utilizes an Exchange server that hackers could potentially breach via these vulnerabilities, here’s everything you should know about the ongoing attacks, what you can do to fix weak points in your server and how to identify indicators of compromise (IOCs). Earlier this month, Microsoft announced that malicious actors were leveraging zero-day exploits to infiltrate on-premises versions of Microsoft Exchange Server.
0 Comments
Leave a Reply. |