Threat actors have a lot of options, including launching ransomware and other attacks.
It may not be at the top of the headlines anymore, but the mass Microsoft Exchange exploitation isn’t over yet.
Huntress has been monitoring the situation since early February and has updated its resource page. In addition to the discoveries, the company reported the following findings:
The cyberattack was on Microsoft‘s on-premises Exchange business email software. The attack allowed access to email accounts and installation of malware to increase hackers’ dwell time inside a system.
We caught up with John Hammond, senior security researcher at Huntress, to find out the latest on the Microsoft Exchange exploitation.
Channel Futures: Is the threat from the Microsoft Exchange exploitation still very much real? If so, how?
John Hammond: The Exchange incident has taken up all of the month of March. And sadly, even now as we are in the early weeks of April, it continues. The threat is still very much real. Servers that are not patched are still being actively exploited. As public exploits are now available, any ill-intended actor can spray-and-pray across the internet looking for public-facing and vulnerable Exchange servers.
Scroll through the slideshow above for more of Hammond’s comments, as well as more cybersecurity news making headlines this week.
Session expired
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.