Microsoft Exchange: At Least 10 APT Groups Exploiting Flaws
March 11, 2021 – Article posted on BankInfoSecurity
Serious vulnerabilities in Microsoft Exchange have been exploited by at least 10 advanced persistent threat groups that have been collectively been hitting thousands of companies over the last three months, security researchers warn.
…Other security researchers have confirmed that the attacks began prior to Jan. 5….
…Earlier, Microsoft blamed the attacks on a single China-based group it calls Hafnium….
…In the bigger picture, Drew Schmitt, a senior threat intelligence analyst at GuidePoint Security, notes that attackers often continue to seek – and exploit – the most widely used technology possible, to maximize the impact of their efforts. “As we have seen with the SolarWinds breach and now these Microsoft Exchange vulnerabilities, threat groups are targeting technology used by many, to have the largest impact possible.”
Knowing the specific groups that are attacking vulnerable Exchange servers is a huge plus for defenders, says GuidePoint Security’s Schmitt.
“As defenders begin to have a more detailed grasp on threat groups and their methodology, they can implement defense-in-depth strategies that will provide the most layers of protection in their environments.”
Read more HERE.