Unpatched Microsoft Exchange Servers hit with cryptojacking

Hackers are hitting Microsoft Exchange Servers with a Monero cryptominer, according to Sophos research published Tuesday. The attackers, whom Sophos did not identify, began their apparently financially motivated campaign shortly after Microsoft announced four zero-day vulnerabilities, according to Sophos. The attacker has lost several of the servers it has compromised to steal Monero — a kind of cryptocurrency — from victims, an indication that those with vulnerable machines are applying patches and hunting for compromise. But over the past month, the hackers have gone after new vulnerable servers to exploit, indicating some are still not paying attention to patching notices, Sophos warned. There were fewer than 10,000 vulnerable systems in the U.S. as of March 22, according to the National Security Council, compared with 120,000 entities that were vulnerable when the vulnerabilities were discovered. As of late March, over 92% of affected servers were patched or mitigated, according to Microsoft. This particular […]

The post Unpatched Microsoft Exchange Servers hit with cryptojacking appeared first on CyberScoop.

With court order, FBI removes hundreds of Exchange Server web shells from US organizations

The FBI has used a court order to remove malicious code from hundreds of U.S. computers running the Microsoft Exchange Server email program, Justice Department officials announced Tuesday. The court-ordered removal of the web shells, or scripts used by hackers for persistent access, is one of the most aggressive actions taken yet by U.S. government officials or corporate executives to combat the Exchange Server vulnerabilities since Microsoft announced on March 2 that suspected Chinese spies were exploiting them. The alleged Chinese hackers used the flaws to steal emails from targeted organizations, according to private-sector analysts, but an array of scammers have since exploited the bugs for their own purposes. In the days after Microsoft revealed the vulnerabilities, incident responders estimated that tens of thousands of U.S. organizations running Exchange Server could be exposed to potential hacking. Many of those organizations have removed the web shells, but Justice Department officials said […]

The post With court order, FBI removes hundreds of Exchange Server web shells from US organizations appeared first on CyberScoop.

NSA says it found new critical vulnerabilities in Microsoft Exchange Server

The National Security Agency on Tuesday said it alerted Microsoft to a fresh batch of critical vulnerabilities that hackers could exploit to remotely compromise the Exchange Server email software program. Microsoft said that it hadn’t seen any hacks using the vulnerabilities on its customers, but the news comes at a time of heightened concern over bugs in Exchange Server. Microsoft on March 2 revealed that suspected Chinese spies had exploited another set of flaws in Exchange Server to siphon off emails from targeted U.S. organizations. A bevy of opportunistic cybercriminals proceeded to exploit those vulnerabilities, to which tens of thousands of U.S. businesses and state and local organizations were reportedly exposed. The latest software bugs that the NSA discovered are in the 2013, 2016 and 2019 versions of Exchange Server. Microsoft said that the vulnerabilities, if exploited, could allow an attacker to execute code remotely on a target computer. Like […]

The post NSA says it found new critical vulnerabilities in Microsoft Exchange Server appeared first on CyberScoop.

White House asks for additional $110 million in CISA funding to address cyber threats

The White House on Friday asked Congress for $110 million in additional funding in 2022 to help the Department of Homeland Security shore up federal and state defenses in the wake of high-profile hacking operations. The money would allow DHS’s Cybersecurity and Infrastructure Security Agency to improve its defensive tools, hire more experts and “obtain support services to protect and defend federal information technology systems,” Shalanda Young, the acting director of the Office of Management and Budget, wrote in an April 9 letter to congressional appropriators. It would add to a recent $650 million funding boost for CISA that was part of the coronavirus relief package cleared by Congress. The White House’s discretionary funding request for CISA in fiscal 2022 totals $2.1 billion, or $110 million more than Congress allotted the agency the previous fiscal year. Discretionary budgets are those that Congress can alter with appropriations bills, in contrast to the […]

The post White House asks for additional $110 million in CISA funding to address cyber threats appeared first on CyberScoop.

Black Kingdom Ransomware Jumps on the Exchange Express

When Microsoft announced that it discovered a state-sponsored threat group, Hafnium, was exploiting four separate zero-day vulnerabilities, the InfoSec community was already looking into their crystal ball to predict when other groups and cybercrimina…

Mayorkas pledges to modernize US cyber-defenses after their failure to detect alleged Russian spies

A suspected Russian hacking campaign exposed glaring shortcomings in the U.S. government’s approach to cybersecurity, Homeland Security Secretary Alejandro Mayorkas said Wednesday while promising to harness federal resources to improve public and private-sector defenses. Mayorkas pledged to improve nearly every major facet of DHS’s cybersecurity work, from helping federal agencies recover from hacks to thwarting them in the first place. Part of that will come through an executive order President Joe Biden is expected to release soon to tighten security requirements for federal agencies and the software vendors that supply them. “Our government got hacked last year and we didn’t know about it for months,” Mayorkas said at an event hosted by security firm RSA. “This incident is one of many that underscores the need for the federal government to modernize cybersecurity defenses and deepen our partnerships,” Mayorkas said, referring to the alleged Russian spying operation exploiting contractor SolarWinds and […]

The post Mayorkas pledges to modernize US cyber-defenses after their failure to detect alleged Russian spies appeared first on CyberScoop.

Windows network monitoring made easy with OpManager

Network administrators are responsible for the day-to-day operation of computer networks in organizations of any size and scale. Their main task is to manage, monitor and keep watch over the network infrastructure to prevent and min…

Patching is trucking along on Microsoft flaws, but hackers are still meddling

Over 92% of servers that were vulnerable to recently announced Microsoft flaws have been patched or mitigated around the world, Microsoft announced Thursday. The statistics are no doubt good news, as security researchers have tracked hackers from China exploiting systems and warned of an onslaught of ransomware attackers trying to take vulnerable organizations for a ride and extort them for money. The percentage comes amid a series of other rosy assessments on the number of vulnerable systems that remain. Less than a week ago the White House noted that in the week prior the number of vulnerable machines fell by 45%. But the revelations about high percentages of patching don’t speak to the number of organizations that hackers have already been able to exploit. Patching, while extremely helpful in warding off future hacking, does not evict hackers if they already exploited the vulnerabilities. Already criminal and nation-state hackers have taken […]

The post Patching is trucking along on Microsoft flaws, but hackers are still meddling appeared first on CyberScoop.

US lacks visibility into digital espionage at home, NSA boss says

National Security Agency Director Gen. Paul Nakasone addressed the elephant in the room on Thursday during testimony on Capitol Hill: How could the U.S. government have missed SolarWinds and Microsoft Exchange Server hacking until after the malicious activity was already well underway? “It’s not the fact that we can’t connect the dots — we can’t see all the dots,” Nakasone said, acknowledging that the U.S. government, including the NSA, does not have a view into foreign hacking campaigns when they exploit domestic internet infrastructure. “We have a difficulty as a government understanding the totality of the actual intrusion.” The suspected Russian and Chinese hackers behind the SolarWinds supply chain attack and the hacking stemming from the Microsoft Exchange Server vulnerabilities, respectively, used U.S.-based computers and servers to launch their operations. It’s an indication to some, including White House officials, that intruders deliberately sought to bypass detection by the U.S. intelligence community. […]

The post US lacks visibility into digital espionage at home, NSA boss says appeared first on CyberScoop.
