Microsoft Exchange Server in the crosshairs again

July 17, 2021
| No comments
B2B Cyber ​​Security ShortNews

Share post

Microsoft Exchange Server reported again unusual activity with intermittent connection attempts to bad networks. The potential cyber attack was noticed during a routine examination for anomalies and possible outgoing data connections.

The affected Exchange server was supposedly not attacked or infected in the first wave of attacks a few weeks ago. A certified forensic scientist recently examined the device and approved it. A short time later, the server reported unusual activity with attempts to connect to the USA and Switzerland. The attack pattern is very similar to the first wave of attacks that was recognized too late - with consequences up to total loss.

Anomalies on the exchange-Server & Hosting

“It is irrelevant whether the threat was not noticed by forensics or whether the end device was newly infected. It is important that a new threat to the Microsoft Exchange Server has been detected, to which we have to react immediately, ”says Christian Ullrich Head of Business Development at RED EAGLE IT GmbH, BlackFog's German distributor for the DA-CH region Endpoint security, which is the only one to have registered the incident so far. According to him, the attack was stopped by BlackFog. Ullrich: "The software was actually installed on the server for aftercare in order to identify future threats at an early stage and to take appropriate measures."

Exchange-Better secure servers

The IT security expert advises all companies to use precisely this form of additional protection. Because: The threat of ransomware is not over with a re-install or patch alone. Cyber ​​attacks often take place weeks after the malware has been activated. Affected systems are therefore not necessarily cleaned after restoring from the backup. The malware is also re-installed in the background and waits.

More at RedEagle-IT.de

 

About Red Eagle

RED EAGLE is a manufacturer-independent value added IT distributor with a focus on IT hardware and software components from various manufacturers. In addition to pure product sales, the company also offers professional advice and extensive service and support offers.

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more

 

 

Short news
, , , ,