Download Certificate- Most Promising Partner | ECIO | Most Admired Brand | Most Trusted Company

Microsoft Exchange Server vulnerabilities targeted to conduct financial fraud


By MYBRANDBOOK


Microsoft Exchange Server vulnerabilities targeted to conduct financial fraud

On Tuesday, Sophos researchers revealed a recent incident in which a Microsoft Exchange Server, which had not been patched to protect it against a set of critical vulnerabilities disclosed last year, was targeted to hijack email threads and spread malspam. The incident documented by Sophos also used the combination of Squirrelwaffle, ProxyLogon, and ProxyShell against Microsoft Exchange Servers to conduct financial fraud through email hijacking.

 

Squirrelwaffle is a malware loader first documented last year in malicious spam campaigns. The loader is often distributed through malicious Microsoft Office documents or DocuSign content tacked on to phishing emails.  If an intended victim enables macros in the weaponized documents, Squirrelwaffle then is often used to pull and execute CobaltStrike beacons via a VBS script. 

 

The advanced persistent threat (APT) group Hafnium was actively exploiting the bugs at this time, and other APTs quickly followed suit.  While the ProxyLogon/ProxyShell vulnerabilities are now well-known, some servers are still unpatched and open to attacks. 

 

Sophos says that in the recent campaign, the loader was deployed once the Microsoft Exchange Server had been compromised. The server, belonging to an unnamed organization, was used to "mass distribute" Squirrelwaffle to internal and external email addresses by hijacking existing email threads between employees. 

 

The spam campaign was used to spread Squirrelwaffle, but in addition, attackers extracted an email thread and used the internal knowledge within to conduct financial fraud. 

 

Customer data was taken, while a victim organization was also selected. The attackers registered a domain with a name very close to the victim -- a technique known as typo-squatting -- and then created email accounts through this domain to reply to the email thread outside of the server.

 

"To add further legitimacy to the conversation, the attackers copied additional email addresses to give the impression that they were requesting support from an internal department," Sophos explained. "In fact, the additional addresses were also created by the attacker under the typo-squatted domain." 

 

Over six days, the attackers tried to direct a legitimate financial transaction to a bank account they owned. The payment was on its way to being processed, and it was only due to a bank involved in the transaction realizing the transfer was likely fraudulent that the victim did not fall prey to the attack. 
 BREAKING NEWS  BREAKING NEWS
Cisco announces AI-native secure Wi-Fi 7 for future-ready employe

Cisco announces AI-native secure Wi-Fi 7 for future-ready employe...

Announcing a major leap in wireless technology, Cisco has launched its Wi...

The BSE benchmark Sensex tumbled over 800 points, leaving investo

The BSE benchmark Sensex tumbled over 800 points, leaving investo...

The BSE benchmark Sensex recently experienced a significant drop, tumblin...

North Korean GPS Interference Disrupts Air Traffic

North Korean GPS Interference Disrupts Air Traffic...

South Korea's military has publicly accused North Korea of disrupting GP...

US ordered TSMC to halt chip shipments to China

US ordered TSMC to halt chip shipments to China...

TSMC has had regular discussions with the government on export control issu...

 TECHNO TRENDS  Placeholder image
Nazara and ONDC set to transform in-game monetization with ‘

Nazara and ONDC set to transform in-game monetization with ‘

Nazara Technologies has teamed up with the Open Network for Digital Comme...

Jio Platforms and NICSI to offer cloud services to government

Jio Platforms and NICSI to offer cloud services to government

In a collaborative initiative, the National Informatics Centre Services In...

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...

Pinterest tracks users without consent, alleges complaint

Pinterest tracks users without consent, alleges complaint

A recent complaint alleges that Pinterest, the popular image-sharing platf...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
Eloelo teams up with Elvish Yadav for India's biggest digital

Eloelo teams up with Elvish Yadav for India's biggest digital

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix has introduced a new “Moments” feature on its mobile app, whic
Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b
 MOVERS & SHAKERS  Placeholder image
Kamal Nath quits SIFY Technologies

Kamal Nath quits SIFY Technologies

Visa elevates Rishi Chhabra as new Country Manager for India

Visa elevates Rishi Chhabra as new Country Manager for India

Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ
Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys continues to deepen its investment in the APAC region. Earlier this
 OPEN YOUR EYES  Placeholder image

Entire communications is moving towards Webinar :Age of Discovery
Automation & AI are becoming the main drivers for many business
India's IT industry has moved nearly two thirds of its 4.36 million workforces to work from home
COVID-19 Crisis Leads To Rising Growth Of Enterprise Collaboration Market
Rising Uncertainty On The Start-ups At The Verge Of Collapse
 INTERVIEWS  Placeholder image
AMD Pensando driving innovation in the DPU architecture space

AMD Pensando driving innovation in the DPU architecture space

Alcatel-Lucent Enterprise Carrying a 100 year legacy ahead

Alcatel-Lucent Enterprise Carrying a 100 year legacy ahead

A good amount of R&D works and global support services are operated out of

Cisco building a trusted and resilient future for the nation

Cisco building a trusted and resilient future for the nation

Security is foundational to everything Cisco does and customers insist on e
 HOT PICK  Placeholder image
BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall announced today the launch of the TZ80, a groundbreaking securit
Gigabyte X3D Turbo: A Gaming Revolution

Gigabyte X3D Turbo: A Gaming Revolution

GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr
 MAKE IN INDIA BRANDS   Placeholder image
ZOHO CORPORATION PVT. LTD.

ZOHO CORPORATION PVT. LTD.


EXIDE INDUSTRIES LTD.

EXIDE INDUSTRIES LTD.


TALLY SOLUTIONS PVT. LTD.

TALLY SOLUTIONS PVT. LTD.


TP-LINK INDIA PVT. LTD.

TP-LINK INDIA PVT. LTD.


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

AI AND DATA ANALYTICS REVOLUTIONIZING HEALTHCARE SERVICES

...

AIM TO PUT IA SOLUTIONS WITH A WIDE “GENERAL INTELLIGENCE” SCOPE INTO PRACTICE

Our firm is fortunate to be led by distinguished i...

AGILE TECHNIQUE ENCOURAGES TEAMWORK, ADAPTABILITY, AND CONTINUOUS ITERATION

Several emerging technology trends are significant...

 ICONS OF INDIA  Placeholder image

ICONS OF INDIA : RAJESH NAMBIAR

Rajesh leads the company’s India associates and enhances relationshi...

Icons Of India : NATARAJAN CHANDRASEKARAN

Natarajan Chandrasekaran (Chandra) is the Chairman of Tata Sons, the h...

Icons Of India : ASHISH KUMAR CHAUHAN

Ashish kumar Chauhan, an Indian business executive and administrator, ...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

Innovation and Adaptability help to stay relevant

Utilizing data analytics tools, companies can track various metrics such as we...

"We will either find a way or make one"

A provider of high-quality IT products and services, Bluecom Infotech caters t...

Regaining its Technical Aura By Resonating Consistency & Reliability

Brand awareness metrics and KPIs help TDM Networks to monitor and analyze the ...

 PSU  Placeholder image

BEL - Bharat Electronics Limited

BEL is an Indian Government-owned aerospace and defence electronics co...

NSE - National Stock Exchange  

NSE is the leading stock exchange in India....

IREDA - Indian Renewable Energy Development Agency Limited 

IREDA is a specialized financial institution in India that facilitates...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2024 : ACCENTURE PLC

Accenture is renowned for its commitment to technological innovation. It inves...

Most Trusted Brands 2024: Nvidia Corporation

NVIDIA, founded in 1993, has evolved significantly over the years. Initially k...

Most Trusted Brands 2024: Infosys Ltd.

Infosys, leverages emerging technologies and digital capabilities to help clie...

 Global Indian industry   Value-Added Distribution

Indian Tech Talent Excelling The Tech World - Aneel Bhusri, CEO, Workday

Aneel Bhusri, Co-Founder and Executive Chair at Workday, has been a le...

Indian Tech Talent Excelling The Tech World - Thomas Kurian, CEO- Google Cloud

Thomas Kurian, the CEO of Google Cloud, has been instrumental in expan...

Indian Tech Talent Excelling The Tech World - JAYASHREE ULLAL, President and CEO - Arista Network

Jayshree V. Ullal is a British-American billionaire businesswoman, ser...

 STARNITE AWARDS 2024  
 ITFORUM 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 IMAGE GALLERY   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
Brandbook Brandbook
 TECHNOLOGY DISRUPTION Placeholder image

Mahindra & Mahindra to accelerate its cloud journey with help of SAP

Mahindra & Mahindra to accelerate its cloud journey with help of SAP

IBM Consulting opens new Client Innovation Centers in Kochi and Coimbatore

IBM Consulting opens new Client Innovation Centers in Kochi and Coimbatore

ChatGPT Can Fix Bugs in Computer Code

ChatGPT Can Fix Bugs in Computer Code

BEL & IAI sign MoU to address requirements in Short Range Air Defence Systems’ domain

BEL & IAI sign MoU to address requirements in Short Range Air Defence Systems’ domain

 UNICORNS REVOLUTIONISING Placeholder image

InCred Financial Services Limited

InCred Financial Services Limited

NTEX Transportation Services Pvt. Ltd.

NTEX Transportation Services Pvt. Ltd.

Fractal Analytics Private Limited

Fractal Analytics Private Limited

OfB Tech. Pvt. Ltd

OfB Tech. Pvt. Ltd


Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

CONTACT US

SUBSCRIBE NOW