Hackers Exploiting Bug in Microsoft Email Servers 1k1rj Technology News

Volexity has observed multiple APT actors exploiting or attempting to exploit on-premise Exchange servers. 3c3m5e

By Indo-Asian News Service | Updated: 9 March 2020 17:37 IST

Hackers Exploiting Bug in Microsoft Email Servers

Volexity has observed multiple APT actors exploiting on-premise Exchange servers 265x6y

Highlights

Hacking groups are exploiting a vulnerability in Microsoft Exchange
Microsoft patched the vulnerability in February
The vulnerability was discovered by an anonymous security researcher

ment

Several state-sponsored hacking groups are exploiting a vulnerability in Microsoft Exchange email servers that the tech giant patched in February, a cyber-security firm has revealed. London-based Volexity saw this vulnerability -- CVE-2020-0688 -- exploited in the wild by advanced persistent threat (APT) actors. The vulnerability was discovered by an anonymous security researcher and reported to Microsoft by way of Trend Micro's Zero Day Initiative.

"Two weeks after the security updates were released, the Zero Day Initiative published a blog post providing more details on the vulnerability. The post made it clear that an attacker could exploit a vulnerable Exchange server if the three criteria are not met," said the Volexity Threat Research team.

"The Exchange Server had not been patched since February 11, 2020; The Exchange Control (E) interface was accessible to the attacker and the attacker has a working credential that allows them to access the Exchange Control in order to collect the ViewState Key," the security researchers noted.

Volexity has observed multiple APT actors exploiting or attempting to exploit on-premise Exchange servers.

In some cases, the attackers appear to have been waiting for an opportunity to strike with credentials that had otherwise been of no use.

Many organisations employ two-factor authentication (2FA) to protect their VPN, e-mail, etc., limiting what an attacker can do with a compromised .

"This vulnerability gives attackers the ability to gain access to a significant asset within an organization with a simple credential or old service ," said security researchers.

This issue further underscores why changing s periodically is a good best practice, regardless of security measures like 2FA.

Microsoft was yet to react to the Volexity report.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.