Everyone talked about the attacks on Microsoft Exchange servers, but what about the vulnerabilities that enabled them?

Hot on the heels of the SolarWinds hack, hundreds of thousands of organizations were hacked between January 2021 and March 2021 through at least four (possibly seven!) different zero-day vulnerabilities in the Microsoft Exchange e-mail server software. The vulnerabilities have been fixed (the fixes are available in the Microsoft April 2021 Security Update), and at the end of March, Microsoft declared that 92% of all deployments have been patched against the attack. That said, deployments will remain vulnerable until the April update is applied.

Just like SolarWinds, this attack is suspected to have been originally carried out as targeted long-term espionage activity by Advanced Persistent Threats (APTs) with considerable resources at their disposal. However, unlike SolarWinds, this was not a supply chain attack. The APT originally managed to breach these systems by actively exploiting vulnerabilities; this eventually turned into nine distinct criminal groups simultaneously exploiting the same vulnerabilities, gaining footholds in vulnerable systems, and deploying the ‘DearCry’ ransomware (so named because its file encryption headers are similar to those of 2017’s WannaCry).