Microsoft: More targeted attacks on Exchange servers


“SessionManager”

A vulnerability in Microsoft Exchange has been actively exploited for the past year. Government institutions are also affected.


Various Microsoft Exchange servers belonging to government and military institutions have been attacked by unknown hackers since 2021, and many of the affected networks are still infected, with the “SessionManager” malware remaining undetected. This emerges from a report by security experts at Kaspersky.

The SessionManager malware is a native-code module that acts as a backdoor, giving the attackers permanent and, above all, unobtrusive access to the attacked server. Among other things, the attackers could gain read access to e-mails or manage compromised networks and thus also inject new malware.

It is not yet known who is behind the attacks or how many networks were specifically targeted with SessionManager. Kaspersky speculates about a connection to the “Gelsemium” hacker group, which has been active since at least 2014 and carried out the attacks as part of a “worldwide espionage operation”.

Exchange servers in Europe, Asia, Africa and the Middle East are particularly affected. A great deal of information, including login data, is said to have been collected there via the SessionManager malware and to have fallen into the hackers' hands.


1.7.2022 by Yusuf Hatic


Reference-www.pc-magazin.de
