Here’s how hackers are targeting a bug in Microsoft email servers | Tech News

Here’s how hackers are targeting a bug in Microsoft email servers

In some cases, the attackers appear to have been waiting for an opportunity to strike with credentials that had otherwise been of no use.

By: INDO ASIAN NEWS SERVICE
| Updated on: Aug 20 2022, 19:51 IST
The vulnerability was discovered by an anonymous security researcher and reported to Microsoft by way of Trend Micro’s Zero Day Initiative.
The vulnerability was discovered by an anonymous security researcher and reported to Microsoft by way of Trend Micro’s Zero Day Initiative. (AP)

Several state-sponsored hacking groups are exploiting a vulnerability in Microsoft Exchange email servers that the tech giant patched in February, a cyber security firm has revealed. London-based Volexity saw this vulnerability -- CVE-2020-0688 -- exploited in the wild by advanced persistent threat (APT) actors.

The vulnerability was discovered by an anonymous security researcher and reported to Microsoft by way of Trend Micro's Zero Day Initiative.

You may be interested in

MobilesTablets Laptops
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
27% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

"Two weeks after the security updates were released, the Zero Day Initiative published a blog post providing more details on the vulnerability. The post made it clear that an attacker could exploit a vulnerable Exchange server if the three criteria are not met," said the Volexity Threat Research team.

Also read
Looking for a smartphone? To check mobile finder click here.

ALSO READ: Malicious coronavirus domains flood the web as curiosity about the virus grows

"The Exchange Server had not been patched since February 11, 2020; The Exchange Control Panel (ECP) interface was accessible to the attacker and the attacker has a working credential that allows them to access the Exchange Control Panel in order to collect the ViewState Key," the security researchers noted.

Volexity has observed multiple APT actors exploiting or attempting to exploit on-premise Exchange servers.

In some cases, the attackers appear to have been waiting for an opportunity to strike with credentials that had otherwise been of no use.

ALSO READ: 7 in 10 organisations saw hacking attempts via IoT

Many organisations employ two-factor authentication (2FA) to protect their VPN, e-mail, etc., limiting what an attacker can do with a compromised password.

"This vulnerability gives attackers the ability to gain access to a significant asset within an organization with a simple user credential or old service account," said security researchers.

This issue further underscores why changing passwords periodically is a good best practice, regardless of security measures like 2FA. Microsoft was yet to react to the Volexity report.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 09 Mar, 18:01 IST
Tags:
NEXT ARTICLE BEGINS