Microsoft Exchange Server hack

Four zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited by a state-sponsored threat group from China and appear to have been adopted by other cyberattackers in widespread attacks.

While in no way believed to be connected to the SolarWinds supply chain attack that has impacted an estimated 18,000 organizations worldwide — so far — there is concern that lags in patching vulnerable servers could have a similar impact, or worse, on businesses.

WHAT HAPPENED?

Microsoft told security expert Brian Krebs that the company was made aware of four zero-day bugs in “early” January.

A DEVCORE researcher, credited with finding two of the security issues, appears to have reported them around January 5. Going under the handle “Orange Tsai,” the researcher tweeted:

“Just report a pre-auth RCE chain to the vendor. This might be the most serious RCE I have ever reported.”

According to Volexity, attacks using the four zero-days may have started as early as January 6, 2021. Dubex reported suspicious activity on Microsoft Exchange servers in the same month.

By Charlie Osborne

March 9, 2021

Click to read the entire article on ZDNet

More Posts

March 3 through 6, 2025

This week I will be compiling the end of month numbers and sending out the report on Monday afternoon. I will also be working on

February 24 through 27, 2025

I will be working on multiple websites making SEO adjustments. I will also be away from my desk on appointments at various times throughout the

February 17 through 20, 2025

This week I will be working on updates to content and plugins to help boost SEO. I will also be reviewing the Google updates for