Attacks with Conti ransomware on Exchange Server
Attacks with Conti ransomware on Exchange servers continue - and are becoming more and more efficient. SophosLabs discovered that the cybercriminals had introduced seven backdoors in an attack. Investigations into the latest attacks on Exchange servers with Conti ransomware have shown that the cyber criminals access the systems via ProxyShell. Various critical updates have been released over the past few months for the vulnerabilities in Microsoft Exchange. ProxyShell is a further development of the ProxyLogon attack method. In recent months, the exploit has become one of the most important tools for ransomware attackers - even for those who use the new ...