The breach of the Microsoft Exchange email server software is estimated to have hit tens of thousands of victims. The Biden administration has formally declared that Chinese state-backed APT groups were behind the original cyber attacks.
Internal emails reveal that leading furniture retailer IKEA is battling an ongoing campaign of phishing attacks, fueled by internal and vendor accounts that have already been compromised.
ProxyLogon vulnerabilities can cause significant issues for affected companies. Fortunately, Microsoft offered several solutions for fixing these problems, even providing one for people lacking on-site security assistance.
Guardicore discovered that the Microsoft Exchange server’s Autodiscover feature design flaw leaked credentials of 100,000 users by trying to authenticate on untrusted third-party servers.
The best way to deal with a vulnerability is doing what you can to prevent them from happening in the first place. Oftentimes, cyber risk can be managed even through simple and basic security hygiene practices.
Microsoft says state-sponsored Chinese hackers exploited four Microsoft Exchange mail server zero-day vulnerabilities. CISA warned of potential widespread exploitation.