It should be noted that usually after compromising the next phases are intelligence (data collection on information systems), and afterwards – information theft. Several such incidents have already been reported in Ukraine. Ransom demanded by the criminals in one of the confirmed cases amounted to over 16 thousand dollars.Ĭompromised servers are also used to send malware to further infect as many organizations as possible. The facts of infecting vulnerable systems by ransomware, in particular, new families DearCry, DoejoCrypt have been confirmed. The vulnerability is exploited not only by intelligence groups but also by cybercriminals. The greatest activity in exploiting vulnerable systems was demonstrated by the Chinese cyber espionage group Hafnium, but now the activity of other hacker groups has been also confirmed, including Tick (Bronze Butler), LuckyMouse (APT27), Calypso, Websiic, Winnti Group (BARIUM, APT41), Tonto (CactusPete), ShadowPad, Microceen, DLTMiner. ![]() ![]() There is no information on vulnerabilities in cloud versions of Microsoft 365, Exchange Online, Azure Cloud. Local versions of Microsoft Exchange Server 2010, Microsoft Exchange Server 2013, Microsoft Exchange Server 2016, Microsoft Exchange Server 2019 are vulnerable. Moreover, the successful exploitation of vulnerabilities allows unauthorized access to the resources of the organization’s internal network. If the vulnerabilities are successfully exploited, attackers can execute arbitrary code on vulnerable systems and gain full access to the compromised server, including access to files, e-mail, accounts, etc. The National Coordination Center for Cybersecurity at the National Security and Defense Council of Ukraine warns of the active exploitation of vulnerabilities in the widespread software product Microsoft Exchange. ![]() The NCCC at the NSDC of Ukraine warns of high level of cyber threats due to the exploitation of vulnerabilities in Microsoft Exchange National Security and Defense Council of Ukraine ![]() The NCCC at the NSDC of Ukraine warns of high level of cyber threats due to the exploitation of vulnerabilities in Microsoft Exchange - National Security and Defense Council of Ukraine
0 Comments
Leave a Reply. |