Source: Windows Central
What you need to know
- A strain of ransomware called DearCry is being used to target unpatched Exchange servers.
- Microsoft has released patches for Exchange servers, but some organizations have not patched systems yet.
- Check Point Research reports that exploitation attempts doubled every 2-3 hours over a recent 24-hour period.
While Microsoft has rolled out emergency patches to address vulnerabilities on its Exchange server software, many systems remain unpatched. Attackers are now increasingly going after unpatched systems. A strain of ransomware called DearCry is being utilized by attackers to target unpatched on-premises Exchange servers (via ZDNet).
Microsoft has detected and is now blocking the new family of ransomware, but it's still vital for organizations to patch their servers and take other security measures.
The Microsoft Security Intelligence Twitter account discussed the ransomware recently. A subsequent Tweet explains that Microsoft Defender customers utilizing automatic updates don't need to take any additional action.
According to Check Point Research (CPR), threat actors are increasing their attacks on vulnerable servers. Over 24 hours, CPR saw exploitation attempts on organizations double every 2-3 hours.
CPR states in its blog:
Since the recently disclosed vulnerabilities on Microsoft Exchange Servers, a full race has started amongst hackers and security professionals. Global experts are using massive preventative efforts to combat hackers who are working day-in and day-out to produce an exploit that can successfully leverage the remote code execution vulnerabilities in Microsoft Exchange.
CPR explains that if an attacker manages to utilize unpatched vulnerabilities, they can obtain corporate emails and place damaging code within organizations.
Random: I played Sea of Thieves via Xbox Cloud Gaming on a pirate ship IRL
I tried to experience IRL on a recent vacation, but I failed. I failed thanks to Xbox Game Pass' cloud gaming. And here are some pictures that exemplify exactly how I failed.
Here's what time Diablo 2: Resurrected launches on all platforms
Diablo 2: Resurrected returns us to the dark and gritty world of Sanctuary for another crack at Diablo and his cronies. Here's when you can start playing no matter your platform of choice.
U.S. cryptocurrency sanctions are on the way, according to new report
Loaded up on Ethereum or Bitcoin? The U.S. government may have bad news in store for your digital wallet.
Get your PC ready for the NVIDIA RTX 3080 with one of these PSUs
Plan on investing in NVIDIA's new RTX 3080 GPU? Make sure your power supply unit is up to snuff; if it's not, check out these top picks for best PSUs.