Home > News content

Microsoft Exchange server Vulnerability targeted by "at least 10 hacker organizations"

via:博客园     time:2021/3/14 23:54:49     readed:410

Four Zero Day vulnerabilities in Microsoft Exchange have been targeted by at least 10 advanced persistent threat (APT) hackers who have installed web shell backdoors on about 5000 servers across 115 different countries, which allow remote control of servers through web browsers. Last week, four vulnerabilities in Microsoft's exchange server became the focus of news. At that time, we heard that a hacker organization launched an attack on the e-mail servers of about 30000 U.S. government and business organizations.

ESET, a security research company, found that at least 10 apt organizations were taking advantage of these vulnerabilities to try to invade servers around the world. Winniti group, Calypso, tick and other hacker groups were found to be involved in the incident.

2021-03-13-image-p.webp

Webshell prevalence by country (2021-02-28 to 2021-03-09)

图片

How to deal with it?

Enterprises and organizations should urgently use Microsoft's updates to patch their servers, and then carefully check the logs to see if the web shell has been installed.

In order to further protect the server, it is recommended to use the organization of exchange mail system to restrict users' network access (for example, through virtual private network or setting firewall rules). This can protect the server from current vulnerabilities, as well as any vulnerabilities that are inevitable in the next few years.

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments