1 min read

Microsoft Exchange Attack: 30,000 Servers Compromised

Featured Image


If you haven't patched your Microsoft Exchange Server recently you should seriously consider it. There are FOUR "zero-day" vulnerabilities currently wrecking havoc around the with tens of thousands of organizations affected.

The vulnerabilities are:

  • CVE-2021-26855
  • CVE-2021-26857
  • CVE-2021-26858
  • CVE-2021-27065

Microsoft issued emergency patches last week for the four vulnerabilities (which you can read more about here). Microsoft believes the hacking team behind the attacks, called Hafnium, is most likely based in China.

The United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued an order directing organizations apply the recently released patches.

Microsoft, in their statement regarding the issue, said "nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems."

Hafnium perpetrates their attacks by deploying "web shells" on the afflicted Exchange servers. Their intent is to steal data and installing malware.

You can find out more about the vulnerabilities here on Microsoft's update guide page: https://msrc.microsoft.com/update-guide/vulnerability

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Are Passkeys the Future? Apple Seems to Think So...

It's no secret that passwords are a pain in the butt. They can be difficult to remember, they're a huge target for cybercriminals, etc.

Read More

Alert: Follina aka CVE-2022-30190

A newly discovered exploit is using a flaw in Microsoft's Support Diagnostic Tool (MSDT) to remotely take over end-points via compromised Word...

Read More

Chaos/Yashma: The Torrid Tale of a GUI Based Ransomware Builder...

It used to take a good deal of coding knowledge to build a website or an application. That's not the case anymore. You can build a website in...

Read More