New Attack Targeting Microsoft Exchange Servers

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1" class="logo-image logo-image-dark" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_White-171x76-2.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

<img src="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1" class="logo-image" alt="Information Security Buzz" width="171" height="76" srcset="https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K-150x67.png?lossy=1&strip=1&webp=1 150w, https://b1265760.smushcdn.com/1265760/wp-content/uploads/ISB-Logo_171K.png?lossy=1&strip=1&webp=1 171w" sizes="(max-width: 171px) 100vw, 171px" />

attack 1

Researchers have discovered a new malware that is designed to be used with two existing exploits in order to transfer fraudulent money. According to an article published Tuesday, this malware combines ProxyLogon and ProxyShell in order to initiate these fraudulent transfers. An attempted attack that was flagged by the target’s bank just before the transaction fully completed pointed to an ongoing risk of unpatched Microsoft Exchange Servers and the use of business email compromise to trick potential targets. When recipients open a malicious file and enable macros, Cobalt Strike Beacon is executed, which gives attackers control over compromised computers, according to the report.

https://twitter.com/NetCentricsCorp/status/1493643783711428610

About the Author

ISBuzz Team

The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

Working With Us

Write For Us

The Pages