Download Certificate- CMOs | ECIO | Most Admired Brand | Most Trusted Company

Microsoft Exchange Server vulnerabilities targeted to conduct financial fraud


By MYBRANDBOOK


Microsoft Exchange Server vulnerabilities targeted to conduct financial fraud

On Tuesday, Sophos researchers revealed a recent incident in which a Microsoft Exchange Server, which had not been patched to protect it against a set of critical vulnerabilities disclosed last year, was targeted to hijack email threads and spread malspam. The incident documented by Sophos also used the combination of Squirrelwaffle, ProxyLogon, and ProxyShell against Microsoft Exchange Servers to conduct financial fraud through email hijacking.

 

Squirrelwaffle is a malware loader first documented last year in malicious spam campaigns. The loader is often distributed through malicious Microsoft Office documents or DocuSign content tacked on to phishing emails.  If an intended victim enables macros in the weaponized documents, Squirrelwaffle then is often used to pull and execute CobaltStrike beacons via a VBS script. 

 

The advanced persistent threat (APT) group Hafnium was actively exploiting the bugs at this time, and other APTs quickly followed suit.  While the ProxyLogon/ProxyShell vulnerabilities are now well-known, some servers are still unpatched and open to attacks. 

 

Sophos says that in the recent campaign, the loader was deployed once the Microsoft Exchange Server had been compromised. The server, belonging to an unnamed organization, was used to "mass distribute" Squirrelwaffle to internal and external email addresses by hijacking existing email threads between employees. 

 

The spam campaign was used to spread Squirrelwaffle, but in addition, attackers extracted an email thread and used the internal knowledge within to conduct financial fraud. 

 

Customer data was taken, while a victim organization was also selected. The attackers registered a domain with a name very close to the victim -- a technique known as typo-squatting -- and then created email accounts through this domain to reply to the email thread outside of the server.

 

"To add further legitimacy to the conversation, the attackers copied additional email addresses to give the impression that they were requesting support from an internal department," Sophos explained. "In fact, the additional addresses were also created by the attacker under the typo-squatted domain." 

 

Over six days, the attackers tried to direct a legitimate financial transaction to a bank account they owned. The payment was on its way to being processed, and it was only due to a bank involved in the transaction realizing the transfer was likely fraudulent that the victim did not fall prey to the attack. 
 BREAKING NEWS  BREAKING NEWS
Indian startup OneAIChat announces unified interface for leading

Indian startup OneAIChat announces unified interface for leading ...

An Indian startup, OneAIChat has built a multi-modal AI aggregator to sav...

TCS and AWS to accelerate customers’ cloud migration and offer

TCS and AWS to accelerate customers’ cloud migration and offer ...

Tata Consultancy Services has forged a strategic alliance with Amazon Web...

ESET provides enhanced enterprise security through a newly develo

ESET provides enhanced enterprise security through a newly develo...

ESET is pleased to present the ESET Mobile Threat Defence module (EMTD) ...

Telecom operators write to DoT seeking ban on illegal WiFi device

Telecom operators write to DoT seeking ban on illegal WiFi device...

In a move that may see the widening of the gulf between telecom operators a...

 TECHNO TRENDS  Placeholder image
SAP launches cloud services to help Indian scaleups innovate m

SAP launches cloud services to help Indian scaleups innovate m

SAP at SAP unveils now "GROW with SAP for Scaleups," a new cloud service d...

Denodo and Sonata form alliance to unlock data-to-value creati

Denodo and Sonata form alliance to unlock data-to-value creati

Denodo and Sonata Information Technology India Limited (SITL) have annou...

Google Play Store will now let users download two apps simulta

Google Play Store will now let users download two apps simulta

Google Play Store now lets users download two apps simultaneously. While a...

Google Pay has added

Google Pay has added "Open Wallet" shortcut

With the introduction of the "Open Wallet" shortcut, Google Pay has impro...

 E-Magazine 
 TECHNOTAINMENT  Placeholder image
ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

Salman Khan trolled for singing with B Praak at Anant Ambani's

Salman Khan trolled for singing with B Praak at Anant Ambani's

To celebrate Mukesh Ambani's youngest son Anant Ambani’s 29th birthday

Disney+ Hotstar wins the Best OTT Platform of the year

Disney+ Hotstar wins the Best OTT Platform of the year

Film Critics Guild and Group M Motion Entertainment, in collaboration with

 MOVERS & SHAKERS  Placeholder image
DigiCert names Atri Chatterjee as CMO

DigiCert names Atri Chatterjee as CMO

Amagi names its Chief Product Officer

Amagi names its Chief Product Officer

Amagi announced the appointment of Richard Perkett as its Chief Product Of
Nium Appoints Alexandra Johnson appoints as Chief Payments Off

Nium Appoints Alexandra Johnson appoints as Chief Payments Off

Nium, the leader in real-time cross-border payments, today announced the ap
 OPEN YOUR EYES  Placeholder image

A question arises on how would be the future of the workplace?
The rise in internet usage has opened the doors to conduct cyber-attacks
Manufacturing sector will be the next growth engine for Indian Economics
Modernize the IT Strategy To Navigate COVID-19 and Beyond
Contact-less Technology to Bring Revolution In This Pandemic Era
 INTERVIEWS  Placeholder image
D-Link in pursuit of building a more connected, smarter and co

D-Link in pursuit of building a more connected, smarter and co

Fire-Boltt innovates and introduces newer categories to make i

Fire-Boltt innovates and introduces newer categories to make i

One of the biggest strengths and focus area of Fire-Boltt is innovation. Wi
Elastic democratizing search with powerful AI and ML-enabled s

Elastic democratizing search with powerful AI and ML-enabled s

Elastic is always committed to staying ahead of the curve and constantly re
 HOT PICK  Placeholder image
Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

COLORFUL rolls out an array of gaming laptops

COLORFUL rolls out an array of gaming laptops

COLORFUL launched its incredible series of COLORFUL EVOL P15 gaming laptop
Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies has launched the broadest portfolio of commercial AI lap
 MAKE IN INDIA BRANDS   Placeholder image
LUMINOUS POWER TECHNOLOGIES PVT. LTD.

LUMINOUS POWER TECHNOLOGIES PVT. LTD.


SAMSUNG INDIA ELECTRONICS PVT. LTD.

SAMSUNG INDIA ELECTRONICS PVT. LTD.


WIPRO LTD.  

WIPRO LTD.  


RAMCO SYSTEMS Ltd. 

RAMCO SYSTEMS Ltd. 


 EMINENT CIO'S OF INDIA  EMINENT CIO'S OF INDIA

Holistically approaching and adopting the latest technologies  

At HooLiv, we define the annual AOP, prioritizing ...

Creating a culture of innovation with new technologies to bring transformation in business

Considering data protection at the initial stage o...

Technology creating new capabilities leading to business growth

As technology evolves rapidly, we should stay abre...

 ICONS OF INDIA  Placeholder image

Technology Icons Of India 2023: Vijay Shekhar Sharma

Vijay Shekhar Sharma is an Indian technology entrepreneur and billiona...

Technology Icons Of India 2023: Anant Maheshwari

As President of Microsoft India, he is responsible for Microsoft’s o...

Technology Icons Of India 2023: Nikhil Rathi

Nikhil Rathi, Co-founder & CEO of Web Werks, a global leader in Data C...

 PARTNER SPEAKERS  EMINENT CIO'S OF INDIA

Value Point equipping enterprises to stay abreast in the rapidly shifting landscape with necessary tools

In the modern world, technology is undeniably the keystone of business success...

RAH infotech bolstering its position as a leading VAD with its commitment to excellence

The future of the IT industry in India is promising, with several trends and f...

Customer Satisfaction is Sound Solutions’ Foundation for Success and Resilience

India is a very big market with a variety of segments like SME, Corporate, Gov...

 PSU  Placeholder image

GeM maintains transparency in online procurement of goods & services  

Created in a record time of five months, Government eMarketplace is a ...

NIC bridging the digital divide and supporting government in eGovernance  

The National Informatics Centre (NIC) is an Indian government departme...

DRDO is India's largest and most diverse research organisation 

DRDO is the R&D wing of Ministry of Defence, Govt of India, with a vis...

 VIDEOS  Placeholder image

 Top 25 Brands  Solution partners

Most Trusted Brands 2023 : SAP India Pvt. Ltd.

The German software giant aims to double its investments in India over the nex...

Most Trusted Brands 2023 : Tech Mahindra Limited

Tech Mahindra is focused on leveraging next-generation technologies including ...

Most Trusted Brands 2023 : Reliance Jio Infocomm Limited  

Jio’s vision is to transform India with the power of digital revolution, to...

 Value-Added Distribution  Value-Added Distribution

RAH INFOTECH

RAH Infotech is India’s fastest growing technology value added dist...

INGRAM MICRO INDIA PVT. LTD.

Ingram Micro India, a large national distributor offers a comprehensiv...

TECHNOBIND SOLUTIONS PVT. LTD.

TechnoBind’s business model is focused on identifying and partnering...

 ITFORUM 2024  
 WIITF 2024  
   
 CMO of the Year   Placeholder image
 WOMEN LEADERSHIP  Placeholder image
 EMINENT CIO's OF INDIA   Placeholder image
 TRENDS IN TECHNOLOGY  Placeholder image
MORE VIDEOS  Placeholder image
Brand Book
Brand Book
Brand Book
Brand Book
 ADVERTISEMENTS  Placeholder image
 TECHNOLOGY DISRUPTION Placeholder image

Healthcare data breaches hit an all-time high

Healthcare data breaches hit an all-time high

AI could play crucial role in growth of farm sector

AI could play crucial role in growth of farm sector

Indian consumers are extremely open to adopt AI as the game-changer

Indian consumers are extremely open to adopt AI as the game-changer

Web 3.0 a $1.1 trillion growth opportunity for India

Web 3.0 a $1.1 trillion growth opportunity for India

 UNICORNS REVOLUTIONISING Placeholder image

Honasa Consumer Private Limited

Honasa Consumer Private Limited

Builder.ai

Builder.ai

Big Tree Entertainment Private Limited

Big Tree Entertainment Private Limited

NoBroker Technologies Solutions Private Limited

NoBroker Technologies Solutions Private Limited


Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org
ADMIRED BRANDS

AFTER MARKET SERVICES

CATEGORIES

DISTRIBUTORS & VADs
GOVERNMENT BODIES

INDUSTRY BODIES

MAKE IN INDIA

CONTACT US

SUBSCRIBE NOW