New Attack Targeting Microsoft Exchange Servers

By   ISBuzz Team
Writer , Information Security Buzz | Feb 16, 2022 04:10 am PST

Researchers have discovered a new malware that is designed to be used with two existing exploits in order to transfer fraudulent money. According to an article published Tuesday, this malware combines ProxyLogon and ProxyShell in order to initiate these fraudulent transfers. An attempted attack that was flagged by the target’s bank just before the transaction fully completed pointed to an ongoing risk of unpatched Microsoft Exchange Servers and the use of business email compromise to trick potential targets. When recipients open a malicious file and enable macros, Cobalt Strike Beacon is executed, which gives attackers control over compromised computers, according to the report.

https://twitter.com/NetCentricsCorp/status/1493643783711428610