Security researchers warn that multiple cyber-espionage groups are targeting the recently addressed zero-day vulnerabilities in Microsoft Exchange Server and say that more than 300 web shells have been identified on the compromised servers. read more SecurityWeek RSS Feed
Patch ASAP: Holes used to raid top-tier targets and stash info in Kim Dotcom’s old cloud file locker Microsoft says Beijing-backed hackers are exploiting four zero-day vulnerabilities in Exchange Server to steal data from US-based defense contractors, law firms, and infectious disease researchers.… The Register – Security
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive related to recently fixed Microsoft Exchange zero-days. The US Cybersecurity and Infrastructure Security Agency (CISA) has issued the Emergency Directive 21-02 in response to the disclosure of zero-day vulnerabilities in Microsoft Exchange. This week Microsoft has released emergency out-of-band security updates that address four […]
Microsoft has released emergency patches to address four previously undisclosed security flaws in Exchange Server that it says are being actively exploited by a new Chinese state-sponsored threat actor with the goal of perpetrating data theft. Describing the attacks as “limited and targeted,” Microsoft Threat Intelligence Center (MSTIC) said the adversary used these vulnerabilities to access The Hacker […]