Report: New Ransomware Variant Targeting Microsoft Exchange Servers
Health IT Security
Threat actors with likely ties to REvil ransomware are targeting and successfully exploiting vulnerabilities in Microsoft Exchange Servers with a new malware variant in cyberattacks against enterprise networks, according to a recent Sophos report.
Observed in attacks launched last week, the malware variant, called Epsilon Red, is written in the Go programming language and deployed as the final executable payload of a human-operated cyberattack.
The ransomware variant is relatively simple, but its attack features a host of steps and obfuscation techniques that could challenge IT teams with detection and remediation, including the use of PowerShell scripts in every early-stage component.
“[Epsilon Red is] compiled using a tool called...