Microsoft Exchange Archives - Gridinsoft Blogs

Security News

Over 2000 Exchange Servers Hacked Using ProxyShell Exploit

ByVladimir KrasnogolovyAugust 26, 2021

Researchers at Huntress Labs estimate that over the past few days, about 2,000 Microsoft Exchange mail servers have been compromised and infected with backdoors, because their owners have not installed patches to fix ProxyShell vulnerabilities. Let me remind you that the

Security News

Hackers exploit ProxyShell vulnerabilities to install backdoors

ByVladimir KrasnogolovyAugust 16, 2021

Experts warn that hackers are attacking Microsoft Exchange servers, exploiting ProxyShell vulnerabilities, and installing backdoors on them for subsequent access. Let me remind you that the vulnerabilities, which are collectively called ProxyShell, were recently discussed at

Security News

US and UK accused China for attacks on Microsoft Exchange servers

ByVladimir KrasnogolovyJuly 20, 2021

The United States and a coalition of its allies, including the EU, Britain and NATO, have formally accused China and its authorities of a large-scale hacking campaign to break into Microsoft Exchange servers. Let me remind you that these attacks have been going on since the

Security News

Epsilon Red ransomware threatens Microsoft Exchange servers

ByVladimir KrasnogolovyJune 1, 2021

Sophos experts have discovered the Epsilon Red ransomware that exploits vulnerabilities in Microsoft Exchange servers to attack other machines on the network. Experts write that the malware is based on many different scripts, and Epsilon Red operators use a commercial remote

Security News

GitHub Developers Review Exploit Posting Policy Due to Recent Scandal

ByVladimir KrasnogolovyApril 30, 2021

The GitHub developers review the exploit posting policy and want to discuss with the information security community a series of changes to the site rules. These rules determine how employees deal with malware and exploits uploaded to the platform. The proposed changes imply

Security News

Prometei botnet attacks vulnerable Microsoft Exchange servers

ByVladimir KrasnogolovyApril 23, 2021

Since the patches for ProxyLogon problems were still not installed, cybercriminals continue their activity, for example, the updated Prometei botnet attacks vulnerable Microsoft Exchange servers. Researchers from Cybereason Nocturnus discovered Prometei malware, which mines

Security News

FBI removed web shells from vulnerable Microsoft Exchange servers without informing owners

ByVladimir KrasnogolovyApril 14, 2021

The US Department of Justice reported that a court in early April granted the FBI special powers and the bureau removed web shells previously installed by hackers on vulnerable Exchange servers in the United States. The FBI also had the power to remove other malware (without

Security News

Microsoft Introduces One-Click ProxyLogon Fix Tool

ByVladimir KrasnogolovyMarch 16, 2021

Microsoft developers have released a tool called EOMT (Exchange On-premises Mitigation Tool) designed to install updates on Microsoft Exchange servers and one-click ProxyLogon vulnerabilities fix. The utility is already available for download on the company’s GitHub.

Security News

GitHub removed ProxyLogon exploit and has been criticized

ByVladimir KrasnogolovyMarch 12, 2021

The administration of the GitHub service has removed a real working exploit for the ProxyLogon vulnerabilities in Microsoft Exchange, though information security specialists have sharply criticized GitHub. Yesterday we wrote that an independent information security

Security News

Researcher Published PoC Exploit for ProxyLogon Vulnerabilities in Microsoft Exchange

ByVladimir KrasnogolovyMarch 11, 2021

An independent information security researcher from Vietnam has presented a PoC exploit for ProxyLogon vulnerabilities in Microsoft Exchange, whose viability has already been confirmed by such well-known experts. Last week, Microsoft engineers released unscheduled patches