Exchange Server Attacks Spread After Disclosure of Flaws
Healthcare Info Security
Just days after Microsoft disclosed four zero-day flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say.
Steven Adair, president of Volexity, which first reported the vulnerabilities, says that over the past few days the Chinese hacking group accused of initially exploiting the flaws has shifted into high gear, stepping up attacks on any vulnerable, unpatched Exchange servers worldwide. At least 30,000 organizations across the United States are infected, and the attackers now have control over “hundreds of thousands” of Microsoft Exchange Servers worldwide, reports KrebsOnSecurity, citing unnamed U.S. national security advisors. Krebs also quotes Adair as saying: “Even if you patched the same day Microsoft published its patches, there’s still a high chance there is a web shell on your server. The truth is, if you’re running Exchange and you haven’t patched this yet, there’s a very high chance that your organization is already compromised.”
Infected machines are left with...