Monday, March 8, 2021

Microsoft Exchange zero-day attacks: 30,000 servers hit already, says report

Some clients have reported an increase in junk/spam emails in the last week. If your organization still uses an onsite Exchange server, you need to be aware that it must be patched now or taken offline.

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued an order to agencies to apply the patches for on-premises Exchange systems or to simply disconnect vulnerable servers after seeing "active exploitation" of the vulnerabilities. In other words, patch now or cut off a vital communications tool.

So far, 4 previously unknown vulnerabilities are being used in attacks against thousands of companies, perhaps tens of thousands of organizations.

Microsoft released patches for a critical flaw last year and warned Exchange users to update their servers, but said that months later tens of thousands of servers remained unpatched despite attacks from nation-state hackers.

This latest attack is being carried out by a previously unknown group called Hafnium, which the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) thinks is based in China.

The Hafnium hackers have accelerated attacks on vulnerable Exchange servers since Microsoft released the patches.

CISA's former director thinks government agencies and small businesses will be more affected by these attacks than large enterprises.

To read the full article, please click on the following link:

https://www.zdnet.com/article/microsoft-exchange-zero-day-attacks-30000-servers-hit-already-says-report/?ftag=TRE-03-10aaa6b&bhid=2219791&mid=13291744&cid=716603217


If you haven't already seen an increase in spam activity, expect to, and be careful that you don't open up your systems to an attack. The following article details the most common ploys used to distribute malware and attacks.

Phishing: These are the most common techniques used to attack your PC

Microsoft Office macros, PowerShell and more are still proving to be popular with cyber criminals distributing attacks via phishing emails, warn researchers after analysing billions of attacks.

https://www.zdnet.com/article/phishing-these-are-the-most-common-techniques-used-to-attack-your-pc/

And it's not just PCs being attacked.

30,000 Macs infected with new Silver Sparrow malware

Silver Sparrow can even run on systems with Apple's new M1 chip.

"According to data provided by Malwarebytes, Silver Sparrow had infected 29,139 macOS endpoints across 153 countries as of February 17, including high volumes of detection in the United States, the United Kingdom, Canada, France, and Germany," 

https://www.zdnet.com/article/30000-macs-infected-with-new-silver-sparrow-malware/

