US remains the top country affected by Microsoft’s zero-day bugs
These vulnerabilities allow an attacker to read emails from an Exchange server without authentication or accessing an individual’s email account.
Microsoft, earlier this month, revealed four vulnerabilities affecting its Microsoft Exchange Servers. These vulnerabilities not only enable hackers to run a code on the Microsoft Exchange Servers but also write a path on the server. Now, a new report by Check Point Research says that in the past 72 hours, attacks on organisations on Microsoft Exchange Server have multiplied by more than six times.
The report also says that the country that remains the target of most of these attacks is the US. As per CPR's analysis, nearly 21% of the exploit attempts were made on countries based in the United States. This was followed by The Netherlands and Turkey with nearly 12% of the exploit attempts each. Italy and Australia were the fourth and fifth most affected countries with 6% and 4% of exploit attempts each.
The report also talks about the industries most affected by hacks. The report says that with 27% of the exploit attempts, government and military remain the most affected industry, followed by manufacturing with 22% of exploit attempts and software vendors with 9% of exploit attempts. Interestingly, education remains the fourth most affected sector with roughly six percent of the exploit attempts.
To give you a quick brief about the vulnerabilities, Microsoft on March 3 released an emergency patch for its Exchange Server product. This patch fixed four vulnerabilities, which includes CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065.
These vulnerabilities allow an attacker to read emails from an Exchange server without authentication or accessing an individual's email account. They also enable attackers to completely take over the mail server itself. Once an attacker takes over the Exchange server, they can open the network to the internet and access it remotely. Microsoft has already released an emergency patch to fix these vulnerabilities so your data is safe now.