Hackers target Microsoft Exchange servers in internal reply-chain attacks
As a way to trick corporate targets into opening malicious attachments, the threat actor exploits Microsoft Exchange servers using the ProxyShell and ProxyLogon vulnerabilities.
The actors behind this attack are believed to be 'TR', a known threat actor who distribute emails with malicious attachments that drop malware, including Qbot, IcedID, Cobalt Strike, and SquirrelWaffle payloads.
The threat actors use these compromised Exchange servers to reply to the company's internal emails in reply-chain attacks containing links to malicious documents that install various malware.
As these emails originate from the same internal network and appear to be a continuation of a previous discussion between two employees, it leads to a greater degree of trust that the email is legitimate and safe.
Not only is this effective against the human recipients, but it’s also excellent for not raising any alarms on the email protection systems used in the target firm.
Nine out of ten healthcare organizations provide telehealth se
New research from Kaspersky interviewing 389 healthcare providers from 36 ...
Jyotiraditya Scindia informs Lok Sabha about 11 countries plac
Jyotiraditya Scindia, Union civil aviation minister informed the Parliamen...
Facial recognition technology to be soon launched in India's 4
The Minister of State in the Ministry of Civil Aviation General VK Singh ...
FINOLEX CABLES LTD.
QUICK HEAL TECHNOLOGIES (P) LTD.
CITADEL INTELLIGENT SYSTEMS PVT. LTD.
Icons Of India 2021 : SANDIP PATEL
Sandip Patel, is the MD for IBM India/South Asia region. He is respons...
ICONS OF INDIA 2021: DEEPINDER GOYAL
ICONS OF INDIA 2021: Deepinder Goyal, Founder & CEO, Zomato, is the F...