Hafnium’s cyber espionage campaign, which exploited the now patched Exchange Server Zero Days, turned into multiple campaigns in late February, carried out by both state and criminal threat actors. France 24’s report on the incident confirms the headline: It has become a “global crisis”.

The criminal interest in the use of unpatched Exchange servers continues unabated. According to Check Point, the attacks observed have increased by an order of magnitude over the past week. KnowBe4 reports a similar increase in account identity attempts.

CISA has updated its recommendations on how to deal with Microsoft Exchange Server exploitation and added guidance on China Chopper webshells used against victims. The UK’s National Cyber ​​Security Center (NCSC), like its colleagues in the US, Germany and elsewhere, has urged all public and private organizations to apply Microsoft’s patches as soon as possible. They also recommend that all organizations look for signs of compromise by threat actors …


Source link

Leave a Reply